正文

Ethereal多个未明服务拒绝和潜在代码执行漏洞

admin
admin V管理员 /0 评论 /6 阅读
1231
此篇文章发布距今已超过1237天,您需要注意文章的内容或图片是否可用!

漏洞信息详情

Ethereal多个未明服务拒绝和潜在代码执行漏洞

  • CNNVD编号:CNNVD-200412-883
    • <!--
  • 危害等级: 中危-->
  • 危害等级: 中危
  • CVE编号: CVE-2004-1141
  • 漏洞类型: 其他
  • 发布时间: 2004-12-31
  • 威胁类型: 远程
  • 更新时间: 2005-10-20
  • 厂        商: ethereal_group
  • 漏洞来源: Matthew Bing Brian...

漏洞简介

Ethereal 0.10.1至0.10.7版本的HTTP解析器存在漏洞。远程攻击者可以借助某个数据包导致服务拒绝(应用程序崩溃),导致解析器访问提前释放的内存。

漏洞公告

Please see the reference section for more information. Ethereal Group Ethereal 0.10

  • Ethereal Group Ethereal 0.10.8 http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.10.1
  • Ethereal Group Ethereal 0.10.8 http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.10.2
  • Ethereal Group Ethereal 0.10.8 http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.10.3
  • Ethereal Group Ethereal 0.10.8 http://www.ethereal.com/download.html
  • Fedora Legacy ethereal-0.10.13-1.FC2.2.legacy.i386.rpmFedora Core 2: http://download.fedoralegacy.org/fedora/2/updates/i386/ethereal-0.10.1 3-1.FC2.2.legacy.i386.rpm
  • Fedora Legacy ethereal-gnome-0.10.13-1.FC2.2.legacy.i386.rpmFedora Core 2: http://download.fedoralegacy.org/fedora/2/updates/i386/ethereal-gnome- 0.10.13-1.FC2.2.legacy.i386.rpm
  • Mandrake ethereal-0.10.8-0.1.100mdk.amd64.rpmMandrake Linux 10.0/AMD64 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake ethereal-0.10.8-0.1.100mdk.i586.rpmMandrake Linux 10.0 http://www.mandrakesecure.net/en/ftp.php
  • SuSE ethereal-0.10.3-15.12.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/ethereal-0.10.3-1 5.12.i586.rpm
  • SuSE ethereal-0.10.3-15.12.x86_64.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/ethereal-0.10 .3-15.12.x86_64.rpm
Ethereal Group Ethereal 0.10.4
  • Ethereal Group Ethereal 0.10.8 http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.10.5
  • Ethereal Group Ethereal 0.10.8 http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.10.6
  • Ethereal Group Ethereal 0.10.8 http://www.ethereal.com/download.html
  • SuSE ethereal-0.10.6-3.2.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/ethereal-0.10.6-3 .2.i586.rpm
  • SuSE ethereal-0.10.6-3.2.x86_64.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/ethereal-0.10 .6-3.2.x86_64.rpm
Ethereal Group Ethereal 0.10.7
  • Conectiva ethereal-0.10.8-62475U10_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/10/RPMS/ethereal-0.10.8-62475U10_1 cl.i386.rpm
  • Conectiva ethereal-0.10.8-73509U90_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/ethereal-0.10.8-73509U90_3c l.i386.rpm
  • Conectiva ethereal-common-0.10.8-62475U10_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/10/RPMS/ethereal-common-0.10.8-624 75U10_1cl.i386.rpm
  • Conectiva ethereal-common-0.10.8-73509U90_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/ethereal-common-0.10.8-7350 9U90_3cl.i386.rpm
  • Conectiva ethereal-gtk-0.10.8-62475U10_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/10/RPMS/ethereal-gtk-0.10.8-62475U 10_1cl.i386.rpm
  • Conectiva ethereal-gtk-0.10.8-73509U90_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/ethereal-gtk-0.10.8-73509U9 0_3cl.i386.rpm
  • Conectiva ethereal-utils-0.10.8-62475U10_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/10/RPMS/ethereal-utils-0.10.8-6247 5U10_1cl.i386.rpm
  • Conectiva ethereal-utils-0.10.8-73509U90_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/ethereal-utils-0.10.8-73509 U90_3cl.i386.rpm
  • Conectiva tethereal-0.10.8-62475U10_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/10/RPMS/tethereal-0.10.8-62475U10_ 1cl.i386.rpm
  • Conectiva tethereal-0.10.8-73509U90_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/tethereal-0.10.8-73509U90_3 cl.i386.rpm
  • Ethereal Group Ethereal 0.10.8 http://www.ethereal.com/download.html
  • Mandrake ethereal-0.10.8-0.1.101mdk.i586.rpmMandrake Linux 10.1 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake ethereal-0.10.8-0.1.101mdk.x86_64.rpmMandrake Linux 10.1/x86_64 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake ethereal-tools-0.10.8-0.1.101mdk.i586.rpmMandrake Linux 10.1 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake ethereal-tools-0.10.8-0.1.101mdk.x86_64.rpmMandrake Linux 10.1/x86_64 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake lib64ethereal0-0.10.8-0.1.101mdk.x86_64.rpmMandrake Linux 10.1/x86_64 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake libethereal0-0.10.8-0.1.101mdk.i586.rpmMandrake Linux 10.1 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake tethereal-0.10.8-0.1.101mdk.i586.rpmMandrake Linux 10.1 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake tethereal-0.10.8-0.1.101mdk.x86_64.rpmMandrake Linux 10.1/x86_64 http://www.mandrakesecure.net/en/ftp.php
Ethereal Group Ethereal 0.9

参考网址

来源: BID 名称: 11943 链接:http://www.securityfocus.com/bid/11943 来源: GENTOO 名称: GLSA-200412-15 链接:http://www.gentoo.org/security/en/glsa/glsa-200412-15.xml 来源: SECUNIA 名称: 13468 链接:http://secunia.com/advisories/13468/ 来源: XF 名称: ethereal-http-dissector-dos(18487) 链接:http://xforce.iss.net/xforce/xfdb/18487 来源: REDHAT 名称: RHSA-2005:037 链接:http://www.redhat.com/support/errata/RHSA-2005-037.html 来源: www.ethereal.com 链接:http://www.ethereal.com/appnotes/enpa-sa-00016.html 来源: CIAC 名称: P-061 链接:http://www.ciac.org/ciac/bulletins/p-061.shtml 来源: OVAL 名称: oval:org.mitre.oval:def:9473 链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9473 来源: CONECTIVA 名称: CLA-2005:916 链接:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916 来源: FEDORA 名称: FLSA-2006:152922 链接:http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html 来源: MANDRAKE 名称: MDKSA-2004:152 链接:http://www.mandriva.com/security/advisories?name=MDKSA-2004:152

受影响实体

  • Ethereal_group Ethereal:0.10.7  
    <!--
    2000-1-1
    -->
  • Ethereal_group Ethereal:0.10.6  
    <!--
    2000-1-1
    -->
  • Ethereal_group Ethereal:0.10.5  
    <!--
    2000-1-1
    -->
  • Ethereal_group Ethereal:0.10.4  
    <!--
    2000-1-1
    -->
  • Ethereal_group Ethereal:0.10.3  
    <!--
    2000-1-1
    -->

补丁

    暂无