ID de Prueba:	1.3.6.1.4.1.25623.1.0.51867
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2005:053 (ethereal)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to ethereal announced via advisory MDKSA-2005:053. A number of issues were discovered in Ethereal versions prior to 0.10.10, which is provided by this update. Matevz Pustisek discovered a buffer overflow in the Etheric dissector (CVE-2005-0704) the GPRS-LLC dissector could crash if the ignore cipher bit was enabled (CVE-2005-0705) Diego Giago found a buffer overflow in the 3GPP2 A11 dissector (CVE-2005-0699) Leon Juranic found a buffer overflow in the IAPP dissector (CVE-2005-0739) and bugs in the JXTA and sFlow dissectors could make Ethereal crash. Affected versions: 10.0, 10.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2005:053 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0699 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0704 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0705 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0739 http://www.ethereal.com/appnotes/enpa-sa-00018.html Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0704 12762 http://www.securityfocus.com/bid/12762 FLSA-2006:152922 http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html GLSA-200503-16 http://www.gentoo.org/security/en/glsa/glsa-200503-16.xml MDKSA-2005:053 http://www.mandriva.com/security/advisories?name=MDKSA-2005:053 RHSA-2005:306 http://www.redhat.com/support/errata/RHSA-2005-306.html http://www.ethereal.com/appnotes/enpa-sa-00018.html oval:org.mitre.oval:def:10447 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10447 Common Vulnerability Exposure (CVE) ID: CVE-2005-0705 oval:org.mitre.oval:def:10565 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10565 Common Vulnerability Exposure (CVE) ID: CVE-2005-0699 BugTraq ID: 12759 http://www.securityfocus.com/bid/12759 Bugtraq: 20050308 Ethereal remote buffer overflow (Google Search) http://www.securityfocus.com/archive/1/392659 Bugtraq: 20050309 RE: Ethereal remote buffer overflow - addon (Google Search) http://marc.info/?l=bugtraq&m=111038641832400&w=2 Bugtraq: 20050314 Ethereal 0.10.9 and below remote root exploit (Google Search) http://marc.info/?l=bugtraq&m=111083125521813&w=2 http://security.gentoo.org/glsa/glsa-200503-16.xml http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-03-04 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10147 Common Vulnerability Exposure (CVE) ID: CVE-2005-0739 BugTraq ID: 12762 Bugtraq: 20050312 Ethereal remote buffer overflow #2 (Google Search) http://marc.info/?l=bugtraq&m=111066805726551&w=2 Debian Security Information: DSA-718 (Google Search) http://www.debian.org/security/2005/dsa-718 http://anonsvn.ethereal.com/viewcvs/viewcvs.py?view=rev&rev=13707 http://security.lss.hr/index.php?page=details&ID=LSS-2005-03-05 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9687
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.