linux, säkerhet

74232 2002-08-30  18:03  /50 rader/ Daniel Ahlberg <aliz@gentoo.org>
Importerad: 2002-08-30  18:03  av Brevbäraren
Extern mottagare: bugtraq@securityfocus.com
Mottagare: Bugtraq (import) <1328>
Ärende: GLSA: ethereal
------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT
- - --------------------------------------------------------------------

PACKAGE        :ethereal
SUMMARY        :buffer overflow
DATE           :2002-08-30 07:30 UTC

- - --------------------------------------------------------------------

OVERVIEW

The ISIS protocol dissector in Ethereal 0.9.5 and earlier versions
is susceptible to a buffer overflow.

DETAIL

It may be possible to make Ethereal crash or hang by injecting a
purposefully malformed packet onto the wire, or by convincing someone
to read a malformed packet trace file. It may be possible to make
Ethereal run arbitrary code by exploiting the buffer and pointer
problems.

The full advisory can be read at
http://www.ethereal.com/appnotes/enpa-sa-00006.html

SOLUTION

It is recommended that all Gentoo Linux users who are running
net-analyzer/ethereal-0.9.5-r2 and earlier update their systems
as follows:

emerge rsync
emerge ethereal
emerge clean

- - --------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at www.gentoo.org/~aliz
- - --------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE9bytUfT7nyhUpoZMRAms+AKCUt6lH8p4gYd+1D92rf3mod3YpuwCeJRSa
l4axUEqXgrW1U46/R5V8SN8=
=N0in
-----END PGP SIGNATURE-----
(74232) /Daniel Ahlberg <aliz@gentoo.org>/(Ombruten)
74250 2002-08-30  22:08  /54 rader/ Jonas Eriksson <je@sekure.net>
Importerad: 2002-08-30  22:08  av Brevbäraren
Extern mottagare: bugtraq@securityfocus.com
Mottagare: Bugtraq (import) <1334>
Ärende: Potential issue with Ethereal
------------------------------------------------------------

From the ethereal page,
http://www.ethereal.com/appnotes/enpa-sa-00006.html


SUMMARY

Name: Potential issue with Ethereal 0.9.5
Docid: enpa-sa-00006

Date: August 20, 2002

Severity: High



DETAILS

Description: The ISIS protocol dissector in Ethereal 0.9.5 and
earlier versions is susceptible to a buffer overflow. In order to
determine which version of Ethereal you have installed, do one of the
following:


Load Ethereal and go to the Help->About Ethereal... menu item.

From the command line run
ethereal -vor
tethereal -v(the "v" is lowercase").

Either action will display the the application version along with the
libraries that Ethereal and Tethereal are linked with. If version
"0.9.5" or prior is displayed, the application is susceptible.
Impact:

It may be possible to make Ethereal crash or hang by injecting a
purposefully malformed packet onto the wire, or by convincing someone
to read a malformed packet trace file. It may be possible to make
Ethereal run arbitrary code by exploiting the buffer and pointer
problems.

Resolution:

Upgrade to 0.9.6.

If you are running a version prior to 0.9.6, you can disable the ISIS
protocol dissector by selecting Edit->Protocols... and deselecting
"isis" from the list.



Regards,
Jonas Eriksson
(74250) /Jonas Eriksson <je@sekure.net>/--(Ombruten)