Debians sikkerhedsbulletin
DSA-718-2 ethereal -- bufferoverløb
- Rapporteret den:
- 28. apr 2005
- Berørte pakker:
- ethereal
- Sårbar:
- Ja
- Referencer i sikkerhedsdatabaser:
- I Mitres CVE-ordbog: CVE-2005-0739.
- Yderligere oplysninger:
-
[ Denne version oplyser de korrekte pakker i afsnittet "pakker". ]
Et bufferoverløb er opdaget i IAPP-dissektoren i Ethereal, et udbredt program til analysering af netværkstrafik. En fjernangriber kunne måske få en buffer til at løbe over ved hjælp af en særligt fremstillet pakke. Flere problemer er opdaget, der dog ikke vedrører versionen i woody, men er rettet i sid.
I den stabile distribution (woody) er dette problem rettet i version 0.9.4-1woody12.
I den ustabile distribution (sid) er disse problemer rettet i version 0.10.10-1.
Vi anbefaler at du opgraderer dine ethereal-pakker.
- Rettet i:
-
Debian GNU/Linux 3.0 (woody)
- Kildekode:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody12.dsc
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody12.diff.gz
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4.orig.tar.gz
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody12.diff.gz
- Alpha:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody12_alpha.deb
- ARM:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody12_arm.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody12_i386.deb
- Intel IA-64:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody12_ia64.deb
- HPPA:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody12_hppa.deb
- Motorola 680x0:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody12_m68k.deb
- Big endian MIPS:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody12_mips.deb
- Little endian MIPS:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody12_mipsel.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody12_powerpc.deb
- IBM S/390:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody12_s390.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody12_sparc.deb
MD5-kontrolsummer for de listede filer findes i den originale sikkerhedsbulletin.
MD5-kontrolsummer for de listede filer findes i den reviderede sikkerhedsbulletin.