Debian Security Advisory DSA 528-1 (ethereal) Network Vulnerability

Summary

The remote host is missing an update to ethereal announced via advisory DSA 528-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20528-1

Insight

Several denial of service vulnerabilities were discovered in ethereal, a network traffic analyzer. These vulnerabilites are described in the ethereal advisory enpa-sa-00015. Of these, only one (CVE-2004-0635) affects the version of ethereal in Debian woody. This vulnerability could be exploited by a remote attacker to crash ethereal with an invalid SNMP packet. For the current stable distribution (woody), these problems have been fixed in version 0.9.4-1woody8. For the unstable distribution (sid), these problems have been fixed in version 0.10.5-1. We recommend that you update your ethereal package.

Severity

Classification

CVE CVE-2004-0635

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1041-1 (abc2ps)
Debian Security Advisory DSA 080-1 (htdig)
Debian Security Advisory DSA 1098-1 (horde3)
Debian Security Advisory DSA 1054-1 (tiff)
Debian Security Advisory DSA 1061-1 (popfile)

Take action and discover your vulnerabilities