Debian-Sicherheitsankündigung

DSA-920-1 ethereal -- Pufferüberlauf

Datum des Berichts:

13. Dez 2005

Betroffene Pakete:

Verwundbar:

Sicherheitsdatenbanken-Referenzen:

In der Debian-Fehlerdatenbank: Fehler 342911.
In der Bugtraq-Datenbank (bei SecurityFocus): BugTraq ID 15794.
In Mitres CVE-Verzeichnis: CVE-2005-3651.

Weitere Informationen:

Ein Pufferüberlauf wurde in ethereal entdeckt, einem häufig benutzten Analyseprogramm für den Netzwerkverkehr, der einen Denial of Service verursacht und potenziell die Ausführung von beliebigem Code ermöglicht.

Für die alte Stable-Distribution (Woody) wurde dieses Problem in Version 0.9.4-1woody14 behoben.

Für die Stable-Distribution (Sarge) wurde dieses Problem in Version 0.10.10-2sarge3 behoben.

Für die Unstable-Distribution (Sid) wird dieses Problem bald behoben sein.

Wir empfehlen Ihnen, Ihre ethereal-Pakete zu aktualisieren.

Behoben in:

Debian GNU/Linux 3.0 (woody)

Quellcode:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14.dsc; http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14.diff.gz; http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4.orig.tar.gz
Alpha:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_alpha.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_alpha.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_alpha.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_alpha.deb
ARM:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_arm.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_arm.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_arm.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_arm.deb
Intel IA-32:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_i386.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_i386.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_i386.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_i386.deb
Intel IA-64:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_ia64.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_ia64.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_ia64.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_ia64.deb
HPPA:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_hppa.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_hppa.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_hppa.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_hppa.deb
Motorola 680x0:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_m68k.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_m68k.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_m68k.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_m68k.deb
Big endian MIPS:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_mips.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_mips.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_mips.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_mips.deb
Little endian MIPS:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_mipsel.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_mipsel.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_mipsel.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_mipsel.deb
PowerPC:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_powerpc.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_powerpc.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_powerpc.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_powerpc.deb
IBM S/390:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_s390.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_s390.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_s390.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_s390.deb
Sun Sparc:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_sparc.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_sparc.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_sparc.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_sparc.deb

Debian GNU/Linux 3.1 (sarge)

Quellcode:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4.dsc; http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4.diff.gz; http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10.orig.tar.gz
Alpha:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_alpha.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_alpha.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_alpha.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_alpha.deb
AMD64:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_amd64.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_amd64.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_amd64.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_amd64.deb
ARM:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_arm.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_arm.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_arm.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_arm.deb
Intel IA-32:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_i386.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_i386.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_i386.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_i386.deb
Intel IA-64:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_ia64.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_ia64.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_ia64.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_ia64.deb
HPPA:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_hppa.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_hppa.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_hppa.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_hppa.deb
Motorola 680x0:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_m68k.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_m68k.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_m68k.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_m68k.deb
Big endian MIPS:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_mips.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_mips.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_mips.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_mips.deb
Little endian MIPS:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_mipsel.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_mipsel.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_mipsel.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_mipsel.deb
PowerPC:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_powerpc.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_powerpc.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_powerpc.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_powerpc.deb
IBM S/390:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_s390.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_s390.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_s390.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_s390.deb
Sun Sparc:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_sparc.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_sparc.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_sparc.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_sparc.deb

MD5-Prüfsummen der aufgeführten Dateien stehen in der ursprünglichen Sicherheitsankündigung zur Verfügung.