Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Fedora Local Security Checks >> Fedora Core 1 2003-040: ethereal

Vulnerability Assessment Details

Fedora Core 1 2003-040: ethereal
Vulnerability Assessment Summary
Check for the version of the ethereal package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory FEDORA-2003-040 (ethereal).

operating systems.

This package lays base for libpcap, a packet capture and filtering
library, contains command-line utilities, contains tests and
documentation for ethereal. A graphical user interface is packaged
separately to GTK+ package.

Update Information:

Serious issues have been discovered in the following protocol dissectors:

* Selecting 'Match->Selected' or 'Prepare->Selected' for a
malformed SMB packet could cause a segmentation fault.
* It is possible for the Q.931 dissector to dereference a null
pointer when reading a malformed packet.

Impact:

Both vulnerabilities will make the Ethereal application crash. The Q.931
vulnerability also affects Tethereal. It is not known if either
vulnerability can be used to make Ethereal or Tethereal run arbitrary code.

Resolution:

Upgrade to 0.10.0.

If you are running a version prior to 0.10.0 and you cannot upgrade, you
can disable the SMB and Q.931 protocol dissectors by selecting
Edit->Protocols... and deselecting them from the list.


Solution : http://www.fedoranews.org/updates/FEDORA-2003-040.shtml
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security
Cables, Connectors


Everex disk drives for parts vintage NOT TESTED picture

Everex disk drives for parts vintage NOT TESTED

$39.99


NMB KEYBOARD RT2258TW NMB PS/2 BEIGE 121944-101 REV A VINTAGE NEW OLD STOCK picture

NMB KEYBOARD RT2258TW NMB PS/2 BEIGE 121944-101 REV A VINTAGE NEW OLD STOCK

$25.99


Vintage Apple MacWorld Magazine Mousepad picture

Vintage Apple MacWorld Magazine Mousepad

$15.00


Vintage Apple Support Tools Mousepad picture

Vintage Apple Support Tools Mousepad

$15.00


Vintage Atari Megafile 44 External 44MB Drive ST STE Mega picture

Vintage Atari Megafile 44 External 44MB Drive ST STE Mega

$340.00


Vintage Compaq Presario 5000 Celeron 600 WIN 98 66MHz 255MB RAM 80GB HDD picture

Vintage Compaq Presario 5000 Celeron 600 WIN 98 66MHz 255MB RAM 80GB HDD

$75.00


Lot Of 5 - Vintage IBM style 80 Column Punch Cards - Kelly 5081, Pink Print Band picture

Lot Of 5 - Vintage IBM style 80 Column Punch Cards - Kelly 5081, Pink Print Band

$5.00


Vintage VTECH Equalizer Laptop Computer 90s Works Great picture

Vintage VTECH Equalizer Laptop Computer 90s Works Great

$89.99


Vintage Rare Apple Macintosh SE 30 Model M5119 1988 Computer Powers On Needs IOS picture

Vintage Rare Apple Macintosh SE 30 Model M5119 1988 Computer Powers On Needs IOS

$99.00


VINTAGE APPLE MACINTOSH M0110 KEYBOARD 128K 512K PLUS WITH ORIGINAL CABLE picture

VINTAGE APPLE MACINTOSH M0110 KEYBOARD 128K 512K PLUS WITH ORIGINAL CABLE

$199.99


Discussions

No Discussions have been posted on this vulnerability.