Test ID:	1.3.6.1.4.1.25623.1.0.54109
Category:	SuSE Local Security Checks
Title:	SuSE Security Advisory SUSE-SA:2003:019 (ethereal)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory SUSE-SA:2003:019. Ethereal is a GUI for analyzing and displaying network traffic. Ethereal is vulnerable to a format string bug in it's SOCKS code and to a heap buffer overflow in it's NTLMSSP code. These bugs can be abused to crash ethereal or maybe to execute arbitrary code on the machine running ethereal. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2003:019 Risk factor : High CVSS Score: 7.5
Cross-Ref:	BugTraq ID: 7049 Common Vulnerability Exposure (CVE) ID: CVE-2003-0081 http://www.securityfocus.com/bid/7049 Conectiva Linux advisory: CLSA-2003:627 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000627 Debian Security Information: DSA-258 (Google Search) http://www.debian.org/security/2003/dsa-258 http://seclists.org/lists/fulldisclosure/2003/Mar/0080.html http://www.linuxsecurity.com/advisories/gentoo_advisory-2949.html http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:051 http://www.guninski.com/etherre.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A54 http://www.redhat.com/support/errata/RHSA-2003-076.html http://www.redhat.com/support/errata/RHSA-2003-077.html SuSE Security Announcement: SuSE-SA:2003:019 (Google Search) http://www.novell.com/linux/security/advisories/2003_019_ethereal.html XForce ISS Database: ethereal-socks-format-string(11497) https://exchange.xforce.ibmcloud.com/vulnerabilities/11497
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.