Debian Security Advisory DSA 511-1 (ethereal) Network Vulnerability

Summary

The remote host is missing an update to ethereal announced via advisory DSA 511-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20511-1

Insight

Several buffer overflow vulnerabilities were discovered in ethereal, a network traffic analyzer. These vulnerabilites are described in the ethereal advisory enpa-sa-00013. Of these, only some parts of CVE-2004-0176 affect the version of ethereal in Debian woody. CVE-2004-0367 and CVE-2004-0365 are not applicable to this version. For the current stable distribution (woody), these problems have been fixed in version 0.9.4-1woody7. For the unstable distribution (sid), these problems have been fixed in version 0.10.3-1. We recommend that you update your ethereal package.

Severity

Classification

CVE CVE-2004-0176, CVE-2004-0365, CVE-2004-0367

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1151-1 (heartbeat)
Debian Security Advisory DSA 1053-1 (mozilla)
Debian Security Advisory DSA 1143-1 (dhcp)
Debian Security Advisory DSA 1079-1 (mysql-dfsg)
Debian Security Advisory DSA 006-1 (zope)

Take action and discover your vulnerabilities