|
|
Vulnerability Assessment & Network Security Forums |
|||||||||
|
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Mandrake Local Security Checks >> MDKSA-2004:002: ethereal Vulnerability Assessment Details
|
MDKSA-2004:002: ethereal |
||
|
Check for the version of the ethereal package Detailed Explanation for this Vulnerability Assessment The remote host is missing the patch for the advisory MDKSA-2004:002 (ethereal). Two vulnerabilities were discovered in versions of Ethereal prior to 0.10.0 that can be exploited to make Ethereal crash by injecting malformed packets onto the wire or by convincing a user to read a malformed packet trace file. The first vulnerability is in the SMB dissector and the second is in the Q.391 dissector. It is not known whether or not these issues could lead to the execution of arbitrary code. The updated packages provide Ethereal 0.10.0 which is not vulnerable to these issues. Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:002 Network Security Threat Level: High Networks Security ID: 9248, 9249 Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security |
||
|
Wireless Networking, WiFi |
|
||
|
No Discussions have been posted on this vulnerability. |