Description:
The remote host is missing updates announced in advisory RHSA-2006:0602.
Ethereal is a program for monitoring network traffic.
In May 2006, Ethereal changed its name to Wireshark. This update deprecates the Ethereal packages in Red Hat Enterprise Linux 2.1, 3, and 4 in favor of the supported Wireshark packages.
Several denial of service bugs were found in Ethereal's protocol dissectors. It was possible for Ethereal to crash or stop responding if it read a malformed packet off the network. (CVE-2006-3627, CVE-2006-3629, CVE-2006-3631)
Several buffer overflow bugs were found in Ethereal's ANSI MAP, NCP NMAS, and NDPStelnet dissectors. It was possible for Ethereal to crash or execute arbitrary code if it read a malformed packet off the network. (CVE-2006-3630, CVE-2006-3632)
Several format string bugs were found in Ethereal's Checkpoint FW-1, MQ, XML, and NTP dissectors. It was possible for Ethereal to crash or execute arbitrary code if it read a malformed packet off the network. (CVE-2006-3628)
Users of Ethereal should upgrade to these updated packages containing Wireshark version 0.99.2, which is not vulnerable to these issues.
Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date
http://rhn.redhat.com/errata/RHSA-2006-0602.html
http://www.wireshark.org/security/wnpa-sec-2006-01.html
http://www.wireshark.org/faq.html#q1.2
http://www.redhat.com/security/updates/classification/#moderate
Risk factor: Critical
CVSS Score: 10.0