- --------------------------------------------------------------------------
Debian Security Advisory DSA 162-1                     security@debian.org 
Debian -- Security Information                              Martin Schulze
September 6th, 2002                      Debian -- Debian security FAQ 
- --------------------------------------------------------------------------

Package        : ethereal
Vulnerability  : buffer overflow
Problem-Type   : remote
Debian-specific: no
CVE Id         : CAN-2002-0834
BugTraq Id     : 5573

Ethereal developers discovered a buffer overflow in the ISIS protocol
dissector.  It may be possible to make Ethereal crash or hang by
injecting a purposefully malformed packet onto the wire, or by
convincing someone to read a malformed packet trace file.  It may be
possible to make Ethereal run arbitrary code by exploiting the buffer
and pointer problems.

This problem has been fixed in version 0.9.4-1woody2 for the current
stable stable distribution (woody), in version 0.8.0-4potato.1 for
the old stable distribution (potato) and in version 0.9.6-1 for the
unstable distribution (sid).

We recommend that you upgrade your ethereal packages.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 2.2 alias potato
- --------------------------------

  Source archives:

      
      Size/MD5 checksum:      628 ab3421f7cfe2592bcae97ee21d2037f0
      
      Size/MD5 checksum:    52487 8f845d3572e699bd09ed8b7590ef5c8c
      
      Size/MD5 checksum:  1033560 297ae32cc23a154497dad6a1f964bdb1

  Alpha architecture:

      
      Size/MD5 checksum:   725082 8ce2153f5f27d7f6c22aa45187c85a6b

  ARM architecture:

      
      Size/MD5 checksum:   559580 da451f098a62af65f67c5c93dedff929

  Intel IA-32 architecture:

      
      Size/MD5 checksum:   520452 c04c0c6253dc91ea8f773cb1607258df

  Motorola 680x0 architecture:

      
      Size/MD5 checksum:   489770 dd7d17f57ed7b44922453f72d483c55d

  PowerPC architecture:

      
      Size/MD5 checksum:   573334 13d6a9f30560b0d7056bb2938d62c5bf

  Sun Sparc architecture:

      
      Size/MD5 checksum:   554286 7540dd04b2f43db168b579a5b5e4640e


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

      
      Size/MD5 checksum:      679 3422eaafcc0c6790921c2fadcfb45c21
      
      Size/MD5 checksum:    34257 9ba55fbe1973fa07eaea17ceddb0a47b
      
      Size/MD5 checksum:  3278908 42e999daa659820ee93aaaa39ea1e9ea

  Alpha architecture:

      
      Size/MD5 checksum:  1939060 dfb7750119b7688c3d8d8650d17f0d7c
      
      Size/MD5 checksum:   333594 56dff0c9ce5c97aa17b7ddec5764fc7e
      
      Size/MD5 checksum:   221390 7387c42257ef764a2ff02af5f6f10800
      
      Size/MD5 checksum:  1705962 f8269a5cb64515afe3a4c898e2e35b81

  ARM architecture:

      
      Size/MD5 checksum:  1633044 e90d102738aeb2534c7e70acb7873c73
      
      Size/MD5 checksum:   296362 20785f615601377d95a35c18509428c8
      
      Size/MD5 checksum:   205268 cc1809339123e98a18c068214e46ba84
      
      Size/MD5 checksum:  1437240 8ca230be12a78181179c50ec59f14019

  Intel IA-32 architecture:

      
      Size/MD5 checksum:  1511486 dc02fd03fa24a93e5aefa5db2fb3c38f
      
      Size/MD5 checksum:   285708 fead37813e0a8b27b2d198ed96a09e72
      
      Size/MD5 checksum:   197506 3e35362ff31f9c8831da433664a87793
      
      Size/MD5 checksum:  1324234 589dbb41e4b8be0b6f59e1d5029a4534

  Intel IA-64 architecture:

      
      Size/MD5 checksum:  2148514 346ba1362fee8a9384ec622a90ca4da8
      
      Size/MD5 checksum:   372474 d71f6a54b81e9a02fa90fe9d9f655fac
      
      Size/MD5 checksum:   232940 8631b791d6ea4745ec5f9391f1342964
      
      Size/MD5 checksum:  1858670 0748a27f6467eed6e3b990c38adb8ae4

  HP Precision architecture:

      
      Size/MD5 checksum:  1801788 490b5d284861576248e1f4b0dc68f23d
      
      Size/MD5 checksum:   321500 dcf0dcbf57aa1974b34ca2a9282226d5
      
      Size/MD5 checksum:   216122 feebbfda5ae79df0a6319aa91eefad69
      
      Size/MD5 checksum:  1574400 f6c277ee39939222422ccf22c405cdcc

  Motorola 680x0 architecture:

      
      Size/MD5 checksum:  1422128 52618cb598d1cb02aab4265fa1a1e109
      
      Size/MD5 checksum:   281842 093f64d0bfd4f7e285649f085ed23c9e
      
      Size/MD5 checksum:   194400 157b134dea7ae457bb1b45e0c5700761
      
      Size/MD5 checksum:  1246528 cc2467a18ff370127eda708863498e7c

  Big endian MIPS architecture:

      
      Size/MD5 checksum:  1615518 39e888789a4e9b5ae41e9dd9f34d8a70
      
      Size/MD5 checksum:   304542 f150ce7984701d180e72c9119df878d9
      
      Size/MD5 checksum:   212856 20e638a8b96d5f6261145f0a2d7aa61b
      
      Size/MD5 checksum:  1420690 2953c5e2019b980f34e3cda644423791

  Little endian MIPS architecture:

      
      Size/MD5 checksum:  1595962 116c1f6662b30ce208e0b911e0a48abd
      
      Size/MD5 checksum:   304078 e6c2ee04916033005787227a6a9ff249
      
      Size/MD5 checksum:   212514 c8cc996cbe70c49b381f4094ab79a0fd
      
      Size/MD5 checksum:  1404638 e7de537c62efa30669c622df80eb0cfa

  PowerPC architecture:

      
      Size/MD5 checksum:  1616370 d06e81e77f2b378354b7109cfff3999e
      
      Size/MD5 checksum:   301234 3ad14331ebbc28828bfe8d86d06d39d3
      
      Size/MD5 checksum:   208070 003a9293509b86352699297f2dcd06a1
      
      Size/MD5 checksum:  1417096 f8e168e799a3513a4c6c4e5978b48997

  IBM S/390 architecture:

      
      Size/MD5 checksum:  1531624 8d1247e48022c9eca049d6f82fa27b0c
      
      Size/MD5 checksum:   294854 79dfa75bd8dc5594ba00ec45ff018621
      
      Size/MD5 checksum:   200804 e16d387f4b152dd66c9942b2b4a63ab8
      
      Size/MD5 checksum:  1347014 69976bdae0c3f1747e0ef505f99b9685

  Sun Sparc architecture:


      
      Size/MD5 checksum:  1580330 957aa365762f5597bbd0b4b504b0b8b1
      
      Size/MD5 checksum:   317396 a3a32b25fb8e461c51b6c7f1b4b769f0
      
      Size/MD5 checksum:   203866 c29c5dfd294938398b73ecdc1e5a868f
      
      Size/MD5 checksum:  1387140 6c89ba3a017d51ffbb58c0db6e3c6504


  These files will probably be moved into the stable distribution on
  its next revision.

- ---------------------------------------------------------------------------------
For apt-get: deb  Debian -- Security Information  stable/updates main
For dpkg-ftp:    dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and  http://packages.debian.org/

Debian: ethereal buffer overflow

September 6, 2002
It may be possible to make Ethereal crash or hang by injecting a purposefully malformed packet onto the wire, or by convincing someone to read a malformed packet trace file

Summary

Ethereal developers discovered a buffer overflow in the ISIS protocol
dissector. It may be possible to make Ethereal crash or hang by
injecting a purposefully malformed packet onto the wire, or by
convincing someone to read a malformed packet trace file. It may be
possible to make Ethereal run arbitrary code by exploiting the buffer
and pointer problems.

This problem has been fixed in version 0.9.4-1woody2 for the current
stable stable distribution (woody), in version 0.8.0-4potato.1 for
the old stable distribution (potato) and in version 0.9.6-1 for the
unstable distribution (sid).

We recommend that you upgrade your ethereal packages.

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 2.2 alias potato

Source archives:


Size/MD5 checksum: 628 ab3421f7cfe2592bcae97ee21d2037f0

Size/MD5 checksum: 52487 8f845d3572e699bd09ed8b7590ef5c8c

Size/MD5 checksum: 1033560 297ae32cc23a154497dad6a1f964bdb1

Alpha architecture:


Size/MD5 checksum: 725082 8ce2153f5f27d7f6c22aa45187c85a6b

ARM architecture:


Size/MD5 checksum: 559580 da451f098a62af65f67c5c93dedff929

Intel IA-32 architecture:


Size/MD5 checksum: 520452 c04c0c6253dc91ea8f773cb1607258df

Motorola 680x0 architecture:


Size/MD5 checksum: 489770 dd7d17f57ed7b44922453f72d483c55d

PowerPC architecture:


Size/MD5 checksum: 573334 13d6a9f30560b0d7056bb2938d62c5bf

Sun Sparc architecture:


Size/MD5 checksum: 554286 7540dd04b2f43db168b579a5b5e4640e


Debian GNU/Linux 3.0 alias woody

Source archives:


Size/MD5 checksum: 679 3422eaafcc0c6790921c2fadcfb45c21

Size/MD5 checksum: 34257 9ba55fbe1973fa07eaea17ceddb0a47b

Size/MD5 checksum: 3278908 42e999daa659820ee93aaaa39ea1e9ea

Alpha architecture:


Size/MD5 checksum: 1939060 dfb7750119b7688c3d8d8650d17f0d7c

Size/MD5 checksum: 333594 56dff0c9ce5c97aa17b7ddec5764fc7e

Size/MD5 checksum: 221390 7387c42257ef764a2ff02af5f6f10800

Size/MD5 checksum: 1705962 f8269a5cb64515afe3a4c898e2e35b81

ARM architecture:


Size/MD5 checksum: 1633044 e90d102738aeb2534c7e70acb7873c73

Size/MD5 checksum: 296362 20785f615601377d95a35c18509428c8

Size/MD5 checksum: 205268 cc1809339123e98a18c068214e46ba84

Size/MD5 checksum: 1437240 8ca230be12a78181179c50ec59f14019

Intel IA-32 architecture:


Size/MD5 checksum: 1511486 dc02fd03fa24a93e5aefa5db2fb3c38f

Size/MD5 checksum: 285708 fead37813e0a8b27b2d198ed96a09e72

Size/MD5 checksum: 197506 3e35362ff31f9c8831da433664a87793

Size/MD5 checksum: 1324234 589dbb41e4b8be0b6f59e1d5029a4534

Intel IA-64 architecture:


Size/MD5 checksum: 2148514 346ba1362fee8a9384ec622a90ca4da8

Size/MD5 checksum: 372474 d71f6a54b81e9a02fa90fe9d9f655fac

Size/MD5 checksum: 232940 8631b791d6ea4745ec5f9391f1342964

Size/MD5 checksum: 1858670 0748a27f6467eed6e3b990c38adb8ae4

HP Precision architecture:


Size/MD5 checksum: 1801788 490b5d284861576248e1f4b0dc68f23d

Size/MD5 checksum: 321500 dcf0dcbf57aa1974b34ca2a9282226d5

Size/MD5 checksum: 216122 feebbfda5ae79df0a6319aa91eefad69

Size/MD5 checksum: 1574400 f6c277ee39939222422ccf22c405cdcc

Motorola 680x0 architecture:


Size/MD5 checksum: 1422128 52618cb598d1cb02aab4265fa1a1e109

Size/MD5 checksum: 281842 093f64d0bfd4f7e285649f085ed23c9e

Size/MD5 checksum: 194400 157b134dea7ae457bb1b45e0c5700761

Size/MD5 checksum: 1246528 cc2467a18ff370127eda708863498e7c

Big endian MIPS architecture:


Size/MD5 checksum: 1615518 39e888789a4e9b5ae41e9dd9f34d8a70

Size/MD5 checksum: 304542 f150ce7984701d180e72c9119df878d9

Size/MD5 checksum: 212856 20e638a8b96d5f6261145f0a2d7aa61b

Size/MD5 checksum: 1420690 2953c5e2019b980f34e3cda644423791

Little endian MIPS architecture:


Size/MD5 checksum: 1595962 116c1f6662b30ce208e0b911e0a48abd

Size/MD5 checksum: 304078 e6c2ee04916033005787227a6a9ff249

Size/MD5 checksum: 212514 c8cc996cbe70c49b381f4094ab79a0fd

Size/MD5 checksum: 1404638 e7de537c62efa30669c622df80eb0cfa

PowerPC architecture:


Size/MD5 checksum: 1616370 d06e81e77f2b378354b7109cfff3999e

Size/MD5 checksum: 301234 3ad14331ebbc28828bfe8d86d06d39d3

Size/MD5 checksum: 208070 003a9293509b86352699297f2dcd06a1

Size/MD5 checksum: 1417096 f8e168e799a3513a4c6c4e5978b48997

IBM S/390 architecture:


Size/MD5 checksum: 1531624 8d1247e48022c9eca049d6f82fa27b0c

Size/MD5 checksum: 294854 79dfa75bd8dc5594ba00ec45ff018621

Size/MD5 checksum: 200804 e16d387f4b152dd66c9942b2b4a63ab8

Size/MD5 checksum: 1347014 69976bdae0c3f1747e0ef505f99b9685

Sun Sparc architecture:



Size/MD5 checksum: 1580330 957aa365762f5597bbd0b4b504b0b8b1

Size/MD5 checksum: 317396 a3a32b25fb8e461c51b6c7f1b4b769f0

Size/MD5 checksum: 203866 c29c5dfd294938398b73ecdc1e5a868f

Size/MD5 checksum: 1387140 6c89ba3a017d51ffbb58c0db6e3c6504


These files will probably be moved into the stable distribution on
its next revision.

For apt-get: deb Debian -- Security Information stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/






Severity
Package : ethereal
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE Id : CAN-2002-0834
BugTraq Id : 5573

Related News

19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved