English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.56670
Category:Debian Local Security Checks
Title:Debian: Security Advisory (DSA-1049-1)
Summary:The remote host is missing an update for the Debian 'ethereal' package(s) announced via the DSA-1049-1 advisory.
Description:Summary:
The remote host is missing an update for the Debian 'ethereal' package(s) announced via the DSA-1049-1 advisory.

Vulnerability Insight:
Gerald Combs reported several vulnerabilities in ethereal, a popular network traffic analyser. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2006-1932

The OID printing routine is susceptible to an off-by-one error.

CVE-2006-1933

The UMA and BER dissectors could go into an infinite loop.

CVE-2006-1934

The Network Instruments file code could overrun a buffer.

CVE-2006-1935

The COPS dissector contains a potential buffer overflow.

CVE-2006-1936

The telnet dissector contains a buffer overflow.

CVE-2006-1937

Bugs in the SRVLOC and AIM dissector, and in the statistics counter could crash ethereal.

CVE-2006-1938

Null pointer dereferences in the SMB PIPE dissector and when reading a malformed Sniffer capture could crash ethereal.

CVE-2006-1939

Null pointer dereferences in the ASN.1, GSM SMS, RPC and ASN.1-based dissector and an invalid display filter could crash ethereal.

CVE-2006-1940

The SNDCP dissector could cause an unintended abortion.

For the old stable distribution (woody) these problems have been fixed in version 0.9.4-1woody15.

For the stable distribution (sarge) these problems have been fixed in version 0.10.10-2sarge5.

For the unstable distribution (sid) these problems will be fixed soon.

We recommend that you upgrade your ethereal packages.

Affected Software/OS:
'ethereal' package(s) on Debian 3.0, Debian 3.1.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-1932
1015985
http://securitytracker.com/id?1015985
17682
http://www.securityfocus.com/bid/17682
19769
http://secunia.com/advisories/19769
19805
http://secunia.com/advisories/19805
19828
http://secunia.com/advisories/19828
19839
http://secunia.com/advisories/19839
19958
http://secunia.com/advisories/19958
19962
http://secunia.com/advisories/19962
20060501-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc
20117
http://secunia.com/advisories/20117
20210
http://secunia.com/advisories/20210
20944
http://secunia.com/advisories/20944
ADV-2006-1501
http://www.vupen.com/english/advisories/2006/1501
DSA-1049
http://www.debian.org/security/2006/dsa-1049
FEDORA-2006-456
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00194.html
FEDORA-2006-461
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00195.html
GLSA-200604-17
http://www.gentoo.org/security/en/glsa/glsa-200604-17.xml
MDKSA-2006:077
http://www.mandriva.com/security/advisories?name=MDKSA-2006:077
RHSA-2006:0420
http://www.redhat.com/support/errata/RHSA-2006-0420.html
SUSE-SR:2006:010
http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html
ethereal-oid-printing-offbyone(26012)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26012
http://support.avaya.com/elmodocs2/security/ASA-2006-128.htm
http://www.ethereal.com/appnotes/enpa-sa-00023.html
oval:org.mitre.oval:def:9823
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9823
Common Vulnerability Exposure (CVE) ID: CVE-2006-1933
ethereal-ber-loop-dos(26024)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26024
ethereal-uma-dissector-dos(26008)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26008
oval:org.mitre.oval:def:10841
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10841
Common Vulnerability Exposure (CVE) ID: CVE-2006-1934
ethereal-alcap-dissector-bo(26014)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26014
ethereal-net-instr-bo(26026)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26026
ethereal-netxwin-sniffer-bo(26027)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26027
oval:org.mitre.oval:def:10445
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10445
Common Vulnerability Exposure (CVE) ID: CVE-2006-1935
ethereal-cops-dissector-bo(26013)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26013
oval:org.mitre.oval:def:10811
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10811
Common Vulnerability Exposure (CVE) ID: CVE-2006-1936
ethereal-telnet-dissector-bo(26029)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26029
oval:org.mitre.oval:def:10341
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10341
Common Vulnerability Exposure (CVE) ID: CVE-2006-1937
ethereal-aim-dos(26019)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26019
ethereal-general-dissector-dos(26018)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26018
ethereal-h245-dos(26011)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26011
ethereal-h248-dissector-dos(26007)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26007
ethereal-h248-dos(26031)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26031
ethereal-srvloc-dos(26010)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26010
ethereal-statistics-counter-dos(26015)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26015
ethereal-x509if-dissector-dos(26009)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26009
oval:org.mitre.oval:def:10323
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10323
Common Vulnerability Exposure (CVE) ID: CVE-2006-1938
ethereal-smbpipe-dos(26023)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26023
ethereal-sniffer-capture-dos(26016)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26016
oval:org.mitre.oval:def:9850
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9850
Common Vulnerability Exposure (CVE) ID: CVE-2006-1939
ethereal-asn1-dissector-dos(26022)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26022
ethereal-asn1based-dissector-dos(26030)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26030
ethereal-dcerpc-dissector-dos(26021)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26021
ethereal-dcerpcnt-dissector-dos(26032)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26032
ethereal-display-filter-dos(26017)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26017
ethereal-gsmsms-dissector-dos(26028)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26028
ethereal-per-diss-dos(26033)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26033
ethereal-rpc-dos(26020)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26020
oval:org.mitre.oval:def:11030
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11030
Common Vulnerability Exposure (CVE) ID: CVE-2006-1940
ethereal-sndcp-dissector-dos(26025)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26025
oval:org.mitre.oval:def:9781
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9781
CopyrightCopyright (C) 2008 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.