Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2004:136
HistoryMar 30, 2004 - 12:00 a.m.

(RHSA-2004:136) ethereal security update

2004-03-3000:00:00
access.redhat.com
14

0.933 High

EPSS

Percentile

99.1%

JSON

Ethereal is a program for monitoring network traffic.

Stefan Esser reported that Ethereal versions 0.10.1 and earlier contain
stack overflows in the IGRP, PGM, Metflow, ISUP, TCAP, or IGAP dissectors.
On a system where Ethereal is being run a remote attacker could send
malicious packets that could cause Ethereal to crash or execute arbitrary
code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-0176 to this issue.

Jonathan Heussser discovered that a carefully-crafted RADIUS packet could
cause a crash. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0365 to this issue.

Ethereal 0.8.13 to 0.10.2 allows remote attackers to cause a denial of
service (crash) via a zero-length Presentation protocol selector. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2004-0367 to this issue.

Users of Ethereal should upgrade to these updated packages, which contain
a version of Ethereal that is not vulnerable to these issues.

OSVersionArchitecturePackageVersionFilename
RedHatanyi386ethereal< 0.10.3-0.AS21.1ethereal-0.10.3-0.AS21.1.i386.rpm
RedHatanyia64ethereal-gnome< 0.10.3-0.AS21.1ethereal-gnome-0.10.3-0.AS21.1.ia64.rpm
RedHatanyppcethereal-gnome< 0.10.3-0.30E.1ethereal-gnome-0.10.3-0.30E.1.ppc.rpm
RedHatanyi386ethereal-gnome< 0.10.3-0.AS21.1ethereal-gnome-0.10.3-0.AS21.1.i386.rpm
RedHatanyx86_64ethereal-gnome< 0.10.3-0.30E.1ethereal-gnome-0.10.3-0.30E.1.x86_64.rpm
RedHatanyia64ethereal< 0.10.3-0.AS21.1ethereal-0.10.3-0.AS21.1.ia64.rpm
RedHatanyia64ethereal-gnome< 0.10.3-0.30E.1ethereal-gnome-0.10.3-0.30E.1.ia64.rpm
RedHatanys390xethereal< 0.10.3-0.30E.1ethereal-0.10.3-0.30E.1.s390x.rpm
RedHatanys390ethereal< 0.10.3-0.30E.1ethereal-0.10.3-0.30E.1.s390.rpm
RedHatanyi386ethereal-gnome< 0.10.3-0.30E.1ethereal-gnome-0.10.3-0.30E.1.i386.rpm
Rows per page:
1-10 of 161

Related

nessus 7
openvas 7
gentoo 1
osv 1
debian 1
freebsd 1
securityvulns 2
nvd 4
cve 4
cvelist 4
cert 9
checkpoint_advisories 1
suse 1
ubuntu 1
nessus
nessus
RHEL 2.1 / 3 : ethereal (RHSA-2004:136)
2004-07-06 00:00:00
Mandrake Linux Security Advisory : ethereal (MDKSA-2004:024)
2004-07-31 00:00:00
FreeBSD : multiple vulnerabilities in ethereal (cdf18ed9-7f4a-11d8-9645-0020ed76ef5a)
2009-04-23 00:00:00
openvas
openvas
Debian Security Advisory DSA 511-1 (ethereal)
2008-01-17 00:00:00
FreeBSD Ports: ethereal, tethereal
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200403-07 (ethereal)
2008-09-24 00:00:00
gentoo
gentoo
Multiple remote overflows and vulnerabilities in Ethereal
2004-03-28 00:00:00
osv
osv
ethereal - buffer overflows
2004-05-30 00:00:00
debian
debian
[SECURITY] [DSA 511-1] New ethereal packages fix buffer overflows
2004-05-30 18:26:03
freebsd
freebsd
multiple vulnerabilities in ethereal
2004-03-23 00:00:00
securityvulns
securityvulns
[OpenPKG-SA-2004.015] OpenPKG Security Advisory &#40;ethereal&#41;
2004-06-05 00:00:00
Advisory 03/2004: Multiple &#40;13&#41; Ethereal remote overflows
2004-03-24 00:00:00
nvd
nvd
CVE-2004-0367
2004-05-04 04:00:00
CVE-2004-0365
2004-05-04 04:00:00
CVE-2004-1761
2004-12-31 05:00:00
cve
cve
CVE-2004-0367
2004-05-04 04:00:00
CVE-2004-0365
2004-05-04 04:00:00
CVE-2004-1761
2005-03-10 05:00:00
cvelist
cvelist
CVE-2004-0365
2004-03-25 05:00:00
CVE-2004-0367
2004-03-25 05:00:00
CVE-2004-1761
2005-03-10 05:00:00
cert
cert
Ethereal contains multiple vulnerabilities in the IGAP protocol dissector
2004-03-24 00:00:00
Ethereal contains multiple vulnerabilities in the EIGRP protocol dissector
2004-03-24 00:00:00
Ethereal contains multiple vulnerabilities in the UCP protocol dissector
2004-03-25 00:00:00
checkpoint_advisories
checkpoint_advisories
Ethereal Netflow Dissector Buffer Overflow (CVE-2004-0176)
2009-10-22 00:00:00
suse
suse
local privilege escalation in mc
2004-05-14 14:09:57
ubuntu
ubuntu
Linux kernel vulnerabilities
2005-02-15 00:00:00

0.933 High

EPSS

Percentile

99.1%

JSON
Related for RHSA-2004:136
nessus7openvas7gentoo1osv1debian1freebsd1securityvulns2nvd4cve4cvelist4cert9checkpoint_advisories1suse1ubuntu1