Ethereal Multiple Vulnerabilities

BID:9952

Info

Ethereal Multiple Vulnerabilities

Bugtraq ID: 9952
Class: Unknown
CVE: CVE-2004-0176
CVE-2004-0367
CVE-2004-0365
Remote: Yes
Local: Yes
Published: Mar 22 2004 12:00AM
Updated: Jul 12 2009 03:06AM
Credit: Discovery is credited to Stefan Esser and Jonathan Heussser.
Vulnerable: SGI ProPack 3.0
SGI ProPack 2.4
SGI ProPack 2.3
Gentoo Linux 1.4 _rc3
Gentoo Linux 1.4 _rc2
Gentoo Linux 1.4 _rc1
Gentoo Linux 1.4
Ethereal Group Ethereal 0.10.2
Ethereal Group Ethereal 0.10.1
Ethereal Group Ethereal 0.10
Ethereal Group Ethereal 0.9.16
+ Mandriva Linux Mandrake 9.2 amd64
 + Mandriva Linux Mandrake 9.2
Ethereal Group Ethereal 0.9.15
Ethereal Group Ethereal 0.9.14
Ethereal Group Ethereal 0.9.13
+ Mandriva Linux Mandrake 9.1 ppc
 + Mandriva Linux Mandrake 9.1
+ Redhat Fedora Core1
 Ethereal Group Ethereal 0.9.12
Ethereal Group Ethereal 0.9.11
Ethereal Group Ethereal 0.9.10
Ethereal Group Ethereal 0.9.9
+ Mandriva Linux Mandrake 9.1 ppc
 + Mandriva Linux Mandrake 9.1
Ethereal Group Ethereal 0.9.8
+ Redhat Linux 9.0 i386
 + Redhat Linux 8.0 i386
 + Redhat Linux 8.0
+ Redhat Linux 7.3 i386
 + Redhat Linux 7.3
+ Redhat Linux 7.2 ia64
 + Redhat Linux 7.2 i386
 + Redhat Linux 7.2
+ Terra Soft Solutions Yellow Dog Linux 3.0
Ethereal Group Ethereal 0.9.7
Ethereal Group Ethereal 0.9.6
+ Conectiva Linux Enterprise Edition 1.0
Ethereal Group Ethereal 0.9.5
Ethereal Group Ethereal 0.9.4
+ Debian Linux 3.0 sparc
 + Debian Linux 3.0 s/390
 + Debian Linux 3.0 ppc
 + Debian Linux 3.0 mipsel
 + Debian Linux 3.0 mips
 + Debian Linux 3.0 m68k
 + Debian Linux 3.0 ia-64
 + Debian Linux 3.0 ia-32
 + Debian Linux 3.0 hppa
 + Debian Linux 3.0 arm
 + Debian Linux 3.0 alpha
 Ethereal Group Ethereal 0.9.3
+ Redhat Linux 7.3 i386
 + Redhat Linux 7.3
+ Redhat Linux 7.2 i386
 + Redhat Linux 7.2 alpha
 + Redhat Linux 7.1 ia64
 + Redhat Linux 7.1 i386
 + Redhat Linux 7.1 alpha
 + Redhat Linux 7.0 sparc
 + Redhat Linux 7.0 i386
 + Redhat Linux 7.0 alpha
 + Redhat Linux 6.2 sparc
 + Redhat Linux 6.2 i386
 + Redhat Linux 6.2 alpha
 Ethereal Group Ethereal 0.9.2
Ethereal Group Ethereal 0.9.1
- Compaq Tru64 5.0
- Debian Linux 2.2 sparc
 - Debian Linux 2.2 powerpc
 - Debian Linux 2.2 IA-32
 - Debian Linux 2.2 arm
 - Debian Linux 2.2 alpha
 - Debian Linux 2.2 68k
 - HP HP-UX 11.0
- IBM AIX 5.1
 - Linux kernel 2.4
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows NT Workstation 4.0
 - NetBSD NetBSD 1.5
- OpenBSD OpenSSH 3.0
- SCO Unixware 7.0
- SGI IRIX 6.0
- Sun Solaris 8_sparc
 Ethereal Group Ethereal 0.9
Ethereal Group Ethereal 0.8.19
Ethereal Group Ethereal 0.8.18
- Redhat Linux 7.2 ia64
 - Redhat Linux 7.2 i386
 - Redhat Linux 7.2
Ethereal Group Ethereal 0.8.14
Ethereal Group Ethereal 0.8.13
Not Vulnerable: Ethereal Group Ethereal 0.10.3
+ Mandriva Linux Mandrake 10.0 AMD64
 + Mandriva Linux Mandrake 10.0
+ Redhat Fedora Core2
 + Redhat Fedora Core1
 + S.u.S.E. Linux Personal 9.2
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0

Discussion

Ethereal Multiple Vulnerabilities

Ethereal 0.10.3 has been released to address multiple vulnerabilities. These issues include:

- Thirteen stack-based buffer overruns in various protocol dissectors (NetFlow, IGAP, EIGRP, PGM, IrDA, BGP, ISUP, and TCAP).

- A denial of service that is triggered by a zero length Presentation protocol selector.

- Specially crafted RADIUS packets may cause a crash in Ethereal.

- Corrupt color filter files may cause a crash in Ethereal.

These issues may result in a denial of service or potentially be leveraged to execute arbitrary code in the instance of the buffer overruns.

Exploit / POC

Ethereal Multiple Vulnerabilities

Exploit code has been provided to leverage the EIGRP TLV_IP_INT overflow to produce a denial of service condition. Exploit code to leverage the IGAP issue has been provided as well.

Solution / Fix

Ethereal Multiple Vulnerabilities

Solution:
The vendor has released version 0.10.3 to address these issues.

SGI have released an advisory (20040402-01-U) and a patch to address these issues in SGI ProPack version 2.3 and 2.4. The vendor has advised that customers apply this patch as soon as possible. Further details regarding obtaining and applying an appropriate patch can be found in the referenced advisory. Patch is linked below.

Gentoo have released an advisory (GLSA 200403-07) and updates to address these issues. Gentoo users are advised to upgrade to current packages by emerging the updated packages as follows:
# emerge sync
# emerge -pv ">=net-analyzer/ethereal-0.10.3"
# emerge ">=net-analyzer/ethereal-0.10.3"

Netwosix Linux has released advisory LNSA-#2004-0007 dealing with these issues. Please see the referenced advisory for more information.

RedHat Enterprise Linux has released advisory RHSA-2004:136-09 dealing with this issue. Please see the referenced advisory for more information and details on obtaining fixes.

RedHat has released advisory RHSA-2004:137-01 dealing with this issue. Please see the referenced advisory for more information and details on obtaining fixes.

Mandrake has released an advisory that includes updates for this issue.

Conectiva has released an advisory CLSA-2004:835 to address these issues. Please see the advisory in web references for more details.

OpenPKG has released advisory OpenPKG-SA-2004.015 and an update dealing with this issue. Please see below for the update, and the referenced advisory for more information.

SGI has released an advisory (20040506-01-U) with Patch 10075 for SGI
ProPack 3 to address these and other issues. Please see the referenced
advisory for more information.

Debian has released advisory DSA 511-1 to address this issue. It is noted that CAN-2004-0176 partially affects Debian woody and CAN-2004-0367/CAN-2004-0365 do not affect the distribution at all. Please see the attached advisory for more details on obtaining fixes.

RedHat has released a Fedora legacy advisory (FLSA:1840) to address various issues in Ethereal. This advisory fixes these issues in Red Hat Linux 7.3 and 9 running on the i386 architecture. Please see the referenced advisory for more details and information about obtaining fixes.


Ethereal Group Ethereal 0.10

Ethereal Group Ethereal 0.10.1

Ethereal Group Ethereal 0.10.2

Ethereal Group Ethereal 0.8.13

Ethereal Group Ethereal 0.8.14

Ethereal Group Ethereal 0.8.18

Ethereal Group Ethereal 0.8.19

Ethereal Group Ethereal 0.9

Ethereal Group Ethereal 0.9.1

Ethereal Group Ethereal 0.9.10

Ethereal Group Ethereal 0.9.11

Ethereal Group Ethereal 0.9.12

Ethereal Group Ethereal 0.9.13

Ethereal Group Ethereal 0.9.14

Ethereal Group Ethereal 0.9.15

Ethereal Group Ethereal 0.9.16

Ethereal Group Ethereal 0.9.2

Ethereal Group Ethereal 0.9.3

Ethereal Group Ethereal 0.9.4

Ethereal Group Ethereal 0.9.5

Ethereal Group Ethereal 0.9.6

Ethereal Group Ethereal 0.9.7

Ethereal Group Ethereal 0.9.8

Ethereal Group Ethereal 0.9.9

SGI ProPack 2.3

SGI ProPack 2.4

SGI ProPack 3.0

References

© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report