Test ID:	1.3.6.1.4.1.25623.1.0.50932
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDKSA-2005:013 (ethereal)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to ethereal announced via advisory MDKSA-2005:013. A number of vulnerabilities were found in Ethereal, all of which are fixed in version 0.10.9: The COPS dissector could go into an infinite loop (CVE-2005-0006) the DLSw dissector could cause an assertion, making Ethereal exit prematurely (CVE-2005-0007) the DNP dissector could cause memory corruption (CVE-2005-0008) the Gnutella dissector could cause an assertion, making Ethereal exit prematurely (CVE-2005-0009) the MMSE dissector could free static memory (CVE-2005-0010) and the X11 protocol dissector is vulnerable to a string buffer overflow (CVE-2005-0084). Affected versions: 10.0, 10.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2005:013 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0006 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0007 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0008 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0009 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0010 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0084 http://www.ethereal.com/appnotes/enpa-sa-00017.html Risk factor : High CVSS Score: 7.5
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0006 BugTraq ID: 12326 http://www.securityfocus.com/bid/12326 Computer Incident Advisory Center Bulletin: P-106 http://www.ciac.org/ciac/bulletins/p-106.shtml http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html http://www.gentoo.org/security/en/glsa/glsa-200501-27.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:013 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10801 http://www.redhat.com/support/errata/RHSA-2005-011.html http://www.redhat.com/support/errata/RHSA-2005-037.html http://secunia.com/advisories/13946/ XForce ISS Database: ethereal-cops-dos(18999) https://exchange.xforce.ibmcloud.com/vulnerabilities/18999 Common Vulnerability Exposure (CVE) ID: CVE-2005-0007 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11381 XForce ISS Database: ethereal-dlsw-dos(19000) https://exchange.xforce.ibmcloud.com/vulnerabilities/19000 Common Vulnerability Exposure (CVE) ID: CVE-2005-0008 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10689 XForce ISS Database: ethereal-dnp-memory-corruption(19001) https://exchange.xforce.ibmcloud.com/vulnerabilities/19001 Common Vulnerability Exposure (CVE) ID: CVE-2005-0009 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10623 XForce ISS Database: ethereal-gnutella-dos(19002) https://exchange.xforce.ibmcloud.com/vulnerabilities/19002 Common Vulnerability Exposure (CVE) ID: CVE-2005-0010 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9521 XForce ISS Database: ethereal-mmse-free-memory(19003) https://exchange.xforce.ibmcloud.com/vulnerabilities/19003 Common Vulnerability Exposure (CVE) ID: CVE-2005-0084 Debian Security Information: DSA-653 (Google Search) http://www.debian.org/security/2005/dsa-653 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9140 XForce ISS Database: ethereal-x11-bo(19004) https://exchange.xforce.ibmcloud.com/vulnerabilities/19004
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.