English | Deutsch | Español | Português
 ID de Usuario:
 Contraseña:
Nuevo usuario
 Acerca de:   Dedicada | Avanzada | Estándar | Periódica | Sin Riesgo | Escritorio | Básica | Individual | Sello | FAQ
  Resumen de Precio/Funciones | Ordenar  | Nuevas Vulnerabilidades | Confidencialidad | Búsqueda de Vulnerabilidad
 Búsqueda de    
Vulnerabilidad   
    Buscar 75803 Descripciones CVE y
40037 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.57356
Categoría:Debian Local Security Checks
Título:Debian Security Advisory DSA 1171-1 (ethereal)
Resumen:Debian Security Advisory DSA 1171-1 (ethereal)
Descripción:The remote host is missing an update to ethereal
announced via advisory DSA 1171-1.

Several remote vulnerabilities have been discovered in the Ethereal network
scanner, which may lead to the execution of arbitrary code. The Common
Vulnerabilities and Exposures project identifies the following problems:

CVE-2006-4333

It was discovered that the Q.2391 dissector is vulnerable to denial
of service caused by memory exhaustion.

CVE-2005-3241

It was discovered that the FC-FCS, RSVP and ISIS-LSP dissectors are
vulnerable to denial of service caused by memory exhaustion.

CVE-2005-3242

It was discovered that the IrDA and SMB dissectors are vulnerable to
denial of service caused by memory corruption.

CVE-2005-3243

It was discovered that the SLIMP3 and AgentX dissectors are vulnerable
to code injection caused by buffer overflows.

CVE-2005-3244

It was discovered that the BER dissector is vulnerable to denial of
service caused by an infinite loop.

CVE-2005-3246

It was discovered that the NCP and RTnet dissectors are vulnerable to
denial of service caused by a null pointer dereference.

CVE-2005-3248

It was discovered that the X11 dissector is vulnerable denial of service
caused by a division through zero.

This update also fixes a 64 bit-specific regression in the ASN.1 decoder, which
has been introduced in a previous DSA.

For the stable distribution (sarge) these problems have been fixed in
version 0.10.10-2sarge8.

For the unstable distribution (sid) these problems have been fixed in
version 0.99.2-5.1 of wireshark, the network sniffer formerly known as
ethereal.

We recommend that you upgrade your ethereal packages.

Solution:
http://www.securityspace.com/smysecure/catid.html?in=DSA%201171-1
Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-4333
Bugtraq: 20060825 rPSA-2006-0158-1 tshark wireshark (Google Search)
http://www.securityfocus.com/archive/1/archive/1/444323/100/0/threaded
Debian Security Information: DSA-1171 (Google Search)
http://www.debian.org/security/2006/dsa-1171
http://security.gentoo.org/glsa/glsa-200608-26.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:152
http://www.redhat.com/support/errata/RHSA-2006-0658.html
CERT/CC vulnerability note: VU#696896
http://www.kb.cert.org/vuls/id/696896
BugTraq ID: 19690
http://www.securityfocus.com/bid/19690
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11801
http://www.vupen.com/english/advisories/2006/3370
http://securitytracker.com/id?1016736
http://secunia.com/advisories/21597
http://secunia.com/advisories/21649
http://secunia.com/advisories/21813
http://secunia.com/advisories/21619
http://secunia.com/advisories/21682
http://secunia.com/advisories/21885
http://secunia.com/advisories/22378
XForce ISS Database: wireshark-sscop-dos(28556)
http://xforce.iss.net/xforce/xfdb/28556
XForce ISS Database: wireshark-esp-offbyone(28553)
http://xforce.iss.net/xforce/xfdb/28553
Common Vulnerability Exposure (CVE) ID: CVE-2005-3241
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html
http://www.gentoo.org/security/en/glsa/glsa-200510-25.xml
http://www.redhat.com/support/errata/RHSA-2005-809.html
SuSE Security Announcement: SUSE-SR:2005:025 (Google Search)
http://www.novell.com/linux/security/advisories/2005_25_sr.html
BugTraq ID: 15148
http://www.securityfocus.com/bid/15148
http://www.osvdb.org/20121
http://www.osvdb.org/20122
http://www.osvdb.org/20123
http://www.osvdb.org/20124
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10582
http://securitytracker.com/id?1015082
http://secunia.com/advisories/17377
http://secunia.com/advisories/17254
http://secunia.com/advisories/17286
http://secunia.com/advisories/17327
http://secunia.com/advisories/17392
http://secunia.com/advisories/17480
Common Vulnerability Exposure (CVE) ID: CVE-2005-3242
http://www.osvdb.org/20125
http://www.osvdb.org/20133
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10558
Common Vulnerability Exposure (CVE) ID: CVE-2005-3243
http://www.frsirt.com/exploits/20051020.ethereal_slimp3_bof.py.php
http://www.osvdb.org/20126
http://www.osvdb.org/20135
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9836
Common Vulnerability Exposure (CVE) ID: CVE-2005-3244
http://www.osvdb.org/20127
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9665
Common Vulnerability Exposure (CVE) ID: CVE-2005-3246
http://www.osvdb.org/20128
http://www.osvdb.org/20130
http://www.osvdb.org/20131
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10303
Common Vulnerability Exposure (CVE) ID: CVE-2005-3248
http://www.osvdb.org/20134
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11002
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 40037 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

Registro de Nuevo Usuario
Email:
Usuario:
Contraseña:
Envíeme por email sus boletines mensuales, informándome los últimos servicios, mejoras y encuestas.
Por favor envíeme por email un anuncio de prueba de vulnerabilidades siempre que se agregue una nueva prueba.
   Privacidad
Ingreso de Usuario Registrado
 
Usuario:   
Contraseña:  

 ¿Olvidó su usuario o contraseña??
Email/ID de Usario:




Principal | Acerca de Nosotros | Contáctenos | Programas de Asociado | Developer APIs | Privacidad | Listas de Correo | Abuso
Auditorías de Seguridad | DNS Administrado | Monitoreo de Red | Analizador de Sitio | Informes de Investigación de Internet
Prueba de Web | Whois

© 1998-2014 E-Soft Inc. Todos los derechos reservados.