Ethereal security updates are available for Red Hat Enterprise Linux 2.1, 3, and 4

----------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Moderate: ethereal security update
Advisory ID: RHSA-2005:306-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-306.html
Issue date: 2005-03-18
Updated on: 2005-03-18
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-0699 CAN-2005-0704 CAN-2005-0705 CAN-2005-0739
----------------------------------------------------------------------

1. Summary:

Updated Ethereal packages that fix various security vulnerabilities are now available.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64



3. Problem description:

The ethereal package is a program for monitoring network traffic.

A number of security flaws have been discovered in Ethereal. On a system where Ethereal is running, a remote attacker could send malicious packets to trigger these flaws and cause Ethereal to crash or potentially execute arbitrary code.

A buffer overflow flaw was discovered in the Etheric dissector. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0704 to this issue.

The GPRS-LLC dissector could crash if the "ignore cipher bit" option was set. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0705 to this issue.

A buffer overflow flaw was discovered in the 3GPP2 A11 dissector. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0699 to this issue.

A buffer overflow flaw was discovered in the IAPP dissector. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0739 to this issue.

Users of ethereal should upgrade to these updated packages, which contain version 0.10.10 and are not vulnerable to these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/
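
A check an administrator can run after updating, added here as an example and not part of the Red Hat advisory: it compares the installed upstream version of the two packages this advisory covers against the fixed version 0.10.10. The function names are hypothetical, and only the upstream version field is compared, not the Red Hat release suffix.

```shell
#!/bin/sh
# Added example, not Red Hat's code. FIXED_VERSION and the package names
# come from the advisory; function names are hypothetical.
FIXED_VERSION="0.10.10"

# ver_ge A B: return 0 when dotted numeric version A >= B, 1 when A < B,
# 2 when a field is not a plain number. Fields are compared as integers,
# so 0.10.10 sorts after 0.10.9 (a string comparison would not).
ver_ge() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        # Drop the field just read; an exhausted side counts as 0.
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        x=${x:-0}; y=${y:-0}
        case $x$y in *[!0-9]*) return 2 ;; esac
        if [ "$x" -gt "$y" ]; then return 0; fi
        if [ "$x" -lt "$y" ]; then return 1; fi
    done
    return 0
}

# classify_ethereal VERSION: print the status of one installed version.
classify_ethereal() {
    rc=0
    ver_ge "$1" "$FIXED_VERSION" || rc=$?
    case $rc in
        0) echo "fixed" ;;
        1) echo "needs update" ;;
        *) echo "unknown" ;;
    esac
}

# report_installed: query the RPM database for both packages.
report_installed() {
    for pkg in ethereal ethereal-gnome; do
        if v=$(rpm -q --qf '%{VERSION}\n' "$pkg" 2>/dev/null); then
            # Several architectures of one package give several lines.
            for one in $v; do
                echo "$pkg $one: $(classify_ethereal "$one")"
            done
        else
            echo "$pkg: not installed"
        fi
    done
}

# Only touch the RPM database on hosts that have rpm.
if command -v rpm >/dev/null 2>&1; then report_installed; fi
```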

5. Bug IDs fixed (http://bugzilla.redhat.com/):

150705 - CAN-2005-0699 Multiple ethereal issues (CAN-2005-0704 CAN-2005-0705)

6. RPMs required:

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://www.ethereal.com/appnotes/enpa-sa-00018.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0699
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0705
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0739

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.