Yellow Dog Linux Security Advisory: YDU-20030718-2

Terra Soft Security Team yellowdog-updates@lists.terrasoftsolutions.com
Fri, 18 Jul 2003 15:58:32 -0600 

Yellow Dog Linux Security Announcement
--------------------------------------

Package:	ethereal
Issue Date:	Jul 18,2003
Priority:	medium
Advisory ID: 	YDU-20030718-2


1. 	Topic:

	Updated ethereal packages are available.


2. 	Problem:

	"Ethereal is a program for monitoring network traffic.

	A number of security issues affect Ethereal. By exploiting these issues it
	may be possible to make Ethereal crash or run arbitrary code by injecting a
	purposefully malformed packet onto the wire or by convincing someone to
	read a malformed packet trace file.

	Multiple off-by-one vulnerabilities exist in Ethereal 0.9.11 and earlier in
	the AIM, GIOP Gryphon, OSPF, PPTP, Quake, Quake2, Quake3, Rsync, SMB, SMPP,
	and TSP dissectors. They do not properly use the tvb_get_nstringz and
	tvb_get_nstringz0 functions. Common Vulnerabilities and Exposures project
	(cve.mitre.org) has assigned the name CAN-2003-0356 to these issues.

	Multiple integer overflow vulnerabilities exist in Ethereal 0.9.11 and
	earlier in the Mount and PPP dissectors. (CAN-2003-0357)

	A vulnerability in the DCERPC dissector exists in Ethereal 0.9.12 and
	earlier, allowing remote attackers to cause a denial of service (memory
	consumption) via a certain NDR string. (CAN-2003-0428)

	The OSI dissector in Ethereal 0.9.12 and earlier causes by invalid IPv4 or
	IPv6 prefix lengths, possibly triggering a buffer overflow. (CAN-2003-0429)

	The SPNEGO dissector in Ethereal 0.9.12 and earlier allows remote attackers
	to cause a denial of service (crash) via an invalid ASN.1 value.
	(CAN-2003-0430)

	The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not
	properly handle a zero-length buffer size. (CAN-2003-0431)

	Ethereal 0.9.12 and earlier does not handle certain strings properly in the
	BGP, WTP, DNS, 802.11, ISAKMP, WSP, CLNP, ISIS, and RMI dissectors.
	(CAN-2003-0432)

	Users of Ethereal should update to the erratum packages containing Ethereal
	version 1.9.13, which are not vulnerable to these issues."
	
	From Red Hat Advisory


3. 	Solution:

    	a) Updating via yum...
	We suggest that you use the yum program to keep your
         system up-to-date. The following command(s) will retrieve
	and install the fixed version of this update onto your system:

		yum update ethereal

	b) Updating manually...
	Download the updates below and then run the following rpm command.
    	(Please use a mirror site)

		rpm -Fvh [filenames]
		ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/yellowdog-3.0/
			ppc/ethereal-0.9.13-1.90.1a.ppc.rpm
			ppc/ethereal-gnome-0.9.13-1.90.1a.ppc.rpm


4. Verification

MD5 checksum			  Package
--------------------------------  ----------------------------
a54f8f74064a4c62011f29678aed9f8b  SRPMS/ethereal-0.9.13-1.90.1a.src.rpm
b938786f10df1394d0019799b6a4e8b1  ethereal-0.9.13-1.90.1a.ppc.rpm
3a905c82e3127cf2359be3ca2555232f  ethereal-gnome-0.9.13-1.90.1a.ppc.rpm

If you wish to verify that each package has not been corrupted or 
tampered with,
examine the md5sum with the following command: md5sum <filename>


5. Misc.

Terra Soft has setup a moderated mailing list where these security, 
bugfix, and package
enhancement announcements will be posted. See 
http://lists.terrasoftsolutions.com/ for more
information.

For information regarding the usage of yum, see:
http://www.yellowdoglinux.com/support/solutions/ydl_general/yum.shtml