Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2005:131 (ethereal)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.54489
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDKSA-2005:131 (ethereal)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to ethereal announced via advisory MDKSA-2005:131. A number of vulnerabilities were discovered in versions of Ethereal prior to version 0.10.12, including: The SMB dissector could overflow a buffer or exhaust memory (CVE-2005-2365). iDefense discovered that several dissectors are vulnerable to format string overflows (CVE-2005-2367). A number of other portential crash issues in various dissectors have also been corrected. This update provides Ethereal 0.10.12 which is not vulnerable to these issues. Affected versions: 10.1, 10.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2005:131 http://www.ethereal.com/appnotes/enpa-sa-00020.html Risk factor : High CVSS Score: 7.5
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-2365 14399 http://www.securityfocus.com/bid/14399 16225 http://secunia.com/advisories/16225/ 17102 http://secunia.com/advisories/17102 DSA-853 http://www.debian.org/security/2005/dsa-853 FLSA-2006:152922 http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html GLSA-200507-27 http://www.gentoo.org/security/en/glsa/glsa-200507-27.xml RHSA-2005:687 http://www.redhat.com/support/errata/RHSA-2005-687.html SUSE-SR:2005:019 http://www.novell.com/linux/security/advisories/2005_19_sr.html http://www.ethereal.com/appnotes/enpa-sa-00020.html oval:org.mitre.oval:def:9118 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9118 Common Vulnerability Exposure (CVE) ID: CVE-2005-2367 20050805 Multiple Vendor Ethereal AFP Protocol Dissector Format String Vulnerability http://www.idefense.com/application/poi/display?id=289&type=vulnerabilities MDKSA-2005:131 http://www.mandriva.com/security/advisories?name=MDKSA-2005:131 SUSE-SR:2005:018 http://www.novell.com/linux/security/advisories/2005_18_sr.html oval:org.mitre.oval:def:10765 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10765 Common Vulnerability Exposure (CVE) ID: CVE-2005-2360 oval:org.mitre.oval:def:11254 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11254 Common Vulnerability Exposure (CVE) ID: CVE-2005-2361 oval:org.mitre.oval:def:10225 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10225 Common Vulnerability Exposure (CVE) ID: CVE-2005-2362 http://secunia.com/advisories/16225 oval:org.mitre.oval:def:10059 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10059 Common Vulnerability Exposure (CVE) ID: CVE-2005-2363 oval:org.mitre.oval:def:11271 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11271 Common Vulnerability Exposure (CVE) ID: CVE-2005-2364 18386 http://www.osvdb.org/18386 oval:org.mitre.oval:def:10007 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10007 Common Vulnerability Exposure (CVE) ID: CVE-2005-2366 oval:org.mitre.oval:def:11239 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11239
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com