CVE-2005-2362
CVSS5.0
发布时间 :2005-08-10 00:00:00
修订时间 :2010-08-21 00:31:08
NMCOP    

[原文]Unknown vulnerability several dissectors in Ethereal 0.9.0 through 0.10.11 allows remote attackers to cause a denial of service (application crash) by reassembling certain packets.


[CNNVD]Ethereal 多个协议处理模块漏洞(CNNVD-200508-087)

        Ethereal是一款非常流行的网络协议分析工具。
        Ethereal的各种协议处理模块中存在多个漏洞,包括:
         - 缓冲区溢出漏洞
         - 格式串漏洞
         - 空指针引用拒绝服务漏洞
         - 死循环拒绝服务漏洞
         - 内存耗尽拒绝服务漏洞
         - 未明的拒绝服务漏洞
        
        这些漏洞可能允许远程攻击者执行任意机器代码,或导致受影响应用程序崩溃。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:ethereal_group:ethereal:0.10.8
cpe:/a:ethereal_group:ethereal:0.9.8
cpe:/a:ethereal_group:ethereal:0.10.9
cpe:/a:ethereal_group:ethereal:0.9.11
cpe:/a:ethereal_group:ethereal:0.9.16
cpe:/a:ethereal_group:ethereal:0.9.2
cpe:/a:ethereal_group:ethereal:0.9.4
cpe:/a:ethereal_group:ethereal:0.9.5
cpe:/a:ethereal_group:ethereal:0.10.10
cpe:/a:ethereal_group:ethereal:0.10.11
cpe:/a:ethereal_group:ethereal:0.10.1
cpe:/a:ethereal_group:ethereal:0.10.7
cpe:/a:ethereal_group:ethereal:0.10.2
cpe:/a:ethereal_group:ethereal:0.9.12
cpe:/a:ethereal_group:ethereal:0.9.0
cpe:/a:ethereal_group:ethereal:0.9.15
cpe:/a:ethereal_group:ethereal:0.10.0
cpe:/a:ethereal_group:ethereal:0.9.3
cpe:/a:ethereal_group:ethereal:0.10.4
cpe:/a:ethereal_group:ethereal:0.10.5
cpe:/a:ethereal_group:ethereal:0.10.3
cpe:/a:ethereal_group:ethereal:0.9.7
cpe:/a:ethereal_group:ethereal:0.9.9
cpe:/a:ethereal_group:ethereal:0.9.14
cpe:/a:ethereal_group:ethereal:0.9.10
cpe:/a:ethereal_group:ethereal:0.10.6
cpe:/a:ethereal_group:ethereal:0.9.13
cpe:/a:ethereal_group:ethereal:0.9.1
cpe:/a:ethereal_group:ethereal:0.9.6

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10059Unknown vulnerability several dissectors in Ethereal 0.9.0 through 0.10.11 allows remote attackers to cause a denial of service (application...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2362
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2362
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200508-087
(官方数据源) CNNVD

- 其它链接及资源

http://www.gentoo.org/security/en/glsa/glsa-200507-27.xml
(PATCH)  GENTOO  GLSA-200507-27
http://www.ethereal.com/appnotes/enpa-sa-00020.html
(PATCH)  CONFIRM  http://www.ethereal.com/appnotes/enpa-sa-00020.html
http://www.securityfocus.com/bid/14399
(UNKNOWN)  BID  14399
http://www.redhat.com/support/errata/RHSA-2005-687.html
(UNKNOWN)  REDHAT  RHSA-2005:687
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html
(UNKNOWN)  FEDORA  FLSA-2006:152922
http://www.novell.com/linux/security/advisories/2005_19_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2005:019
http://secunia.com/advisories/16225
(UNKNOWN)  SECUNIA  16225

- 漏洞信息

Ethereal 多个协议处理模块漏洞
中危 设计错误
2005-08-10 00:00:00 2005-10-20 00:00:00
远程  
        Ethereal是一款非常流行的网络协议分析工具。
        Ethereal的各种协议处理模块中存在多个漏洞,包括:
         - 缓冲区溢出漏洞
         - 格式串漏洞
         - 空指针引用拒绝服务漏洞
         - 死循环拒绝服务漏洞
         - 内存耗尽拒绝服务漏洞
         - 未明的拒绝服务漏洞
        
        这些漏洞可能允许远程攻击者执行任意机器代码,或导致受影响应用程序崩溃。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        Ethereal Group Upgrade ethereal-0.10.12.tar.gz
        http://www.ethereal.com/distribution/ethereal-0.10.12.tar.gz
        Ethereal Group Upgrade ethereal-setup-0.10.12.exe
        http://www.ethereal.com/distribution/win32/ethereal-setup-0.10.12.exe
        http://security.gentoo.org/glsa/glsa-200507-27.xml

- 漏洞信息 (F38944)

Gentoo Linux Security Advisory 200507-27 (PacketStormID:F38944)
2005-07-28 00:00:00
Gentoo  security.gentoo.org
advisory,arbitrary,vulnerability
linux,gentoo
CVE-2005-2360,CVE-2005-2361,CVE-2005-2362,CVE-2005-2363,CVE-2005-2364,CVE-2005-2365,CVE-2005-2366,CVE-2005-2367
[点击下载]

Gentoo Linux Security Advisory GLSA 200507-27 - Ethereal is vulnerable to numerous vulnerabilities potentially resulting in the execution of arbitrary code or abnormal termination. Versions less than 0.10.12 are affected.

--nextPart6224205.J3oUPQInd6
Content-Type: text/plain;
  charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200507-27
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: High
     Title: Ethereal: Multiple vulnerabilities
      Date: July 28, 2005
      Bugs: #100316
        ID: 200507-27

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Ethereal is vulnerable to numerous vulnerabilities potentially
resulting in the execution of arbitrary code or abnormal termination.

Background
==========

Ethereal is a feature-rich network protocol analyzer.

Affected packages
=================

    -------------------------------------------------------------------
     Package                /  Vulnerable  /                Unaffected
    -------------------------------------------------------------------
  1  net-analyzer/ethereal      < 0.10.12                   >= 0.10.12

Description
===========

There are numerous vulnerabilities in versions of Ethereal prior to
0.10.12, including:

* The SMB dissector could overflow a buffer or exhaust memory
  (CAN-2005-2365).

* iDEFENSE discovered that several dissectors are vulnerable to
  format string overflows (CAN-2005-2367).

* Additionally multiple potential crashes in many dissectors have
  been fixed, see References for further details.

Impact
======

An attacker might be able to use these vulnerabilities to crash
Ethereal or execute arbitrary code with the permissions of the user
running Ethereal, which could be the root user.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Ethereal users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-analyzer/ethereal-0.10.12"

References
==========

  [ 1 ] Ethereal enpa-sa-00020
        http://www.ethereal.com/appnotes/enpa-sa-00020.html
  [ 2 ] CAN-2005-2360
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2360
  [ 3 ] CAN-2005-2361
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2361
  [ 4 ] CAN-2005-2362
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2362
  [ 5 ] CAN-2005-2363
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2363
  [ 6 ] CAN-2005-2364
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2364
  [ 7 ] CAN-2005-2365
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2365
  [ 8 ] CAN-2005-2366
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2366
  [ 9 ] CAN-2005-2367
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2367

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200507-27.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2005 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0

--nextPart6224205.J3oUPQInd6
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQBC6G66zKC5hMHO6rkRAjSQAKCPwIZGKRCS3wFY6J+C1sT59QbtJwCePTOV
IuSTcAxpl76Gj7aNxmW9ifU=
=Kz7V
-----END PGP SIGNATURE-----

--nextPart6224205.J3oUPQInd6--
    

- 漏洞信息

18387
Ethereal Multiple Unspecified Dissector Packet Reassembly DoS
Remote / Network Access Denial of Service
Loss of Availability
Exploit Unknown

- 漏洞描述

Ethereal contains an unspecified flaw related to packet reassembly for several dissectors that may allow an attacker to cause a denial of service. No further details have been provided.

- 时间线

2005-07-26 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 0.10.12 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete
 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站