Test ID:	1.3.6.1.4.1.25623.1.0.57563
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-1201-1)
Summary:	The remote host is missing an update for the Debian 'ethereal' package(s) announced via the DSA-1201-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'ethereal' package(s) announced via the DSA-1201-1 advisory. Vulnerability Insight: Several remote vulnerabilities have been discovered in the Ethereal network scanner. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-4574 It was discovered that the MIME multipart dissector is vulnerable to denial of service caused by an off-by-one overflow. CVE-2006-4805 It was discovered that the XOT dissector is vulnerable to denial of service caused by memory corruption. For the stable distribution (sarge) these problems have been fixed in version 0.10.10-2sarge9. Due to technical problems with the security buildd infrastructure this update lacks builds for the hppa and sparc architecture. They will be released as soon as the problems are resolved. For the unstable distribution (sid) these problems will be fixed soon. We recommend that you upgrade your ethereal packages. Affected Software/OS: 'ethereal' package(s) on Debian 3.1. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-4574 BugTraq ID: 16071 http://www.securityfocus.com/bid/16071 http://pridels0.blogspot.com/2005/12/commonspot-content-server-vuln.html http://www.osvdb.org/21931 http://secunia.com/advisories/18257 XForce ISS Database: commonspot-loader-xss(23864) https://exchange.xforce.ibmcloud.com/vulnerabilities/23864 Common Vulnerability Exposure (CVE) ID: CVE-2006-4805 1017129 http://securitytracker.com/id?1017129 20061101 rPSA-2006-0202-1 tshark wireshark http://www.securityfocus.com/archive/1/450307/100/0/threaded 20061101-01-P ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P 20762 http://www.securityfocus.com/bid/20762 22590 http://secunia.com/advisories/22590 22659 http://secunia.com/advisories/22659 22672 http://secunia.com/advisories/22672 22692 http://secunia.com/advisories/22692 22797 http://secunia.com/advisories/22797 22841 http://secunia.com/advisories/22841 22929 http://secunia.com/advisories/22929 23096 http://secunia.com/advisories/23096 ADV-2006-4220 http://www.vupen.com/english/advisories/2006/4220 DSA-1201 http://www.us.debian.org/security/2006/dsa-1201 MDKSA-2006:195 http://www.mandriva.com/security/advisories?name=MDKSA-2006:195 RHSA-2006:0726 http://www.redhat.com/support/errata/RHSA-2006-0726.html SUSE-SA:2006:065 http://www.novell.com/linux/security/advisories/2006_65_ethereal.html VU#723736 http://www.kb.cert.org/vuls/id/723736 http://support.avaya.com/elmodocs2/security/ASA-2006-255.htm http://www.wireshark.org/security/wnpa-sec-2006-03.html https://issues.rpath.com/browse/RPL-746 oval:org.mitre.oval:def:10199 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10199 wireshark-xot-dos(29843) https://exchange.xforce.ibmcloud.com/vulnerabilities/29843
Copyright	Copyright (C) 2008 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.