|Summary:||Multiple (13) Ethereal remote overflows discovered by Stefan Esser|
|Product:||Gentoo Security||Reporter:||Tobias Weisserth <tobias>|
|Component:||Vulnerabilities||Assignee:||Gentoo Security <security>|
|Severity:||critical||CC:||bcowan, condordes, gerald+gentoo, mholzer, netmon, vorlon|
|Package list:||Runtime testing required:||---|
Description Tobias Weisserth 2004-03-23 13:51:11 UTC
This was posted on bugtraq today by Stefan Esser (e-matters): Application: Ethereal 0.8.14 - 0.10.2 Severity: 13 remotely triggerable vulnerabilities were discovered in the multiprotocol packet sniffer Ethereal that allow remote compromise Risk: Critical Vendor Status: Plans to release a fixed version within this week Reference: http://security.e-matters.de/advisories/032004.html Reproducible: Always Steps to Reproduce: Details: visit e-matters advisory for details Actual Results: Details: visit e-matters advisory for details Expected Results: Details: visit e-matters advisory for details
Comment 1 solar (RETIRED) 2004-03-23 21:13:55 UTC
As of now now still no 0.10.3 at sf. http://belnet.dl.sourceforge.net/sourceforge/ethereal/
Comment 2 Joshua J. Berry (CondorDes) (RETIRED) 2004-03-24 20:55:05 UTC
A better URL for checking for a new Ethereal release: http://sourceforge.net/projects/ethereal/ The other URL complains about a file not being found. I'm putting this in a comment so I don't have to keep hunting for the Ethereal page each time I check it. ;)
Comment 3 Joshua J. Berry (CondorDes) (RETIRED) 2004-03-26 11:38:35 UTC
This is version-bumpable with no changes to the ebuild. It emerged with no problems for me, and tethereal works fine. Haven't tried the GUI version. Also, this package has no metadata.xml file. I don't know what herd to assign it to, so I picked names that showed up the most times in the ebuild ChangeLog. I hope this is the right thing to do -- sorry for bothering you guys if it's not.
Comment 4 gen2daniel 2004-03-27 08:55:24 UTC
http://www.ethereal.com/appnotes/enpa-sa-00013.html ethereal 0.10.3 is out!! Serious issues have been discovered in the following protocol dissectors: * Stefan Esser discovered thirteen buffer overflows in the following protocol dissectors: NetFlow, IGAP, EIGRP, PGM, IrDA, BGP, ISUP, and TCAP. (CAN-2004-0176) * A zero-length Presentation protocol selector could make Ethereal crash. (CAN-2004-0367) * Jonathan Heussser discovered that a carefully-crafted RADIUS packet could cause a crash. (CAN-2004-0365) * A corrupt color filter file could cause a segmentation fault. Impact: It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire, by convincing someone to read a malformed packet trace file, or by creating a malformed color filter file. Resolution: Upgrade to 0.10.3. cp ethereal-0.10.2.ebuild ethereal-0.10.3.ebuild ebuild ethereal-0.10.3.ebuild digest emerge ethereal-0.10.3.ebuild ethereal works without any problems incl. gui
Comment 5 solar (RETIRED) 2004-03-27 09:49:53 UTC
ethereal-0.10.3 in portage as KEYWORDS="~x86 ~sparc ~ppc ~alpha ~amd64 ~ia64" Arch maintainers please test and mark stable when your ready.
Comment 6 Jason Wever (RETIRED) 2004-03-27 12:31:40 UTC
Stable on sparc.
Comment 7 Jason Huebel (RETIRED) 2004-03-27 15:06:12 UTC
stable on amd64
Comment 8 Luca Barbato 2004-03-27 17:35:16 UTC
Stable on ppc
Comment 9 Rajiv Aaron Manglani (RETIRED) 2004-03-28 13:30:21 UTC
*** Bug 45964 has been marked as a duplicate of this bug. ***
Comment 10 Wernfried Haas (RETIRED) 2004-03-29 07:28:38 UTC
Is there a special reason why RESTRICT="nomirror" is set in the ebuild for ethereal-0.10.3 or was this simply forgotten when unmasking it? (same also applies for ethereal-0.10.2.ebuild)
Comment 11 Gerald Combs 2004-03-29 09:13:41 UTC
(Replying to comments 1 and 2) FWIW, the canonical location for the Ethereal source distribution is http://www.ethereal.com/distribution/all-versions/ The sourceforge.net mirror URL _should_ work, but I can only guarantee the ethereal.com URL.
Comment 12 Kurt Lieber (RETIRED) 2004-03-29 23:19:12 UTC
GLSA ID: 200403-07