Alerta de Segurança Debian

DSA-528-1 ethereal -- denial of service

Data do Alerta:
17 Jul 2004
Pacotes Afetados:
ethereal
Vulnerável:
Sim
Referência à base de dados de segurança:
No dicionário CVE do Mitre: CVE-2004-0635.
Informações adicionais:

Muitas vulnerabilidades de negação de serviço foram descobertas em ethereal, um analisador de tráfego de rede. Essas vulnerabilidades estão descritas no alerta "enpa-sa-00015" do ethereal. Dessas, somente uma (CAN-2004-0635) afeta a versão do ethereal no Debian woody. Essa vulnerabilidade poderia ser explorada por um atacante remoto para derrubar o ethereal com um pacote SNMP inválido.

Para a distribuição estável corrente (woody), esses problemas foram corrigidos na versao 0.9.4-1woody8.

Para a distribuição instável (sid), esses problemas foram corrigidos na versão 0.10.5-1.

Nós recomendamos que você atualize seu pacote ethereal.

Corrigido em:

Debian GNU/Linux 3.0 (woody)

Fonte:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8.dsc
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8.diff.gz
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4.orig.tar.gz
Alpha:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody7_alpha.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody7_alpha.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody7_alpha.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody7_alpha.deb
ARM:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8_arm.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_arm.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody8_arm.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody8_arm.deb
Intel IA-32:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8_i386.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_i386.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody8_i386.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody8_i386.deb
Intel IA-64:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8_ia64.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_ia64.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody8_ia64.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody8_ia64.deb
HPPA:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8_hppa.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_hppa.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody8_hppa.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody8_hppa.deb
Motorola 680x0:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8_m68k.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_m68k.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody8_m68k.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody8_m68k.deb
Big endian MIPS:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8_mips.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_mips.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody8_mips.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody8_mips.deb
Little endian MIPS:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8_mipsel.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_mipsel.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody8_mipsel.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody8_mipsel.deb
PowerPC:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8_powerpc.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_powerpc.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody8_powerpc.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody8_powerpc.deb
IBM S/390:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8_s390.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_s390.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody8_s390.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody8_s390.deb
Sun Sparc:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8_sparc.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_sparc.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody8_sparc.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody8_sparc.deb

Checksums MD5 dos arquivos listados estão disponíveis no alerta original.