CNNVD-ID编号 | CNNVD-200604-446 |
CVE编号 | CVE-2006-1934 |
发布时间 | 2006-04-25 |
更新时间 | 2006-04-26 |
漏洞类型 | 缓冲区溢出 |
漏洞来源 | Coverity discovered some issues. The vendor also disclosed other issues. |
危险等级 | 中危 |
威胁类型 | 远程 |
厂 商 | ethereal_group |
Ethereal 0.10.x至0.10.14版本中存在多个缓冲区溢出。这使得远程攻击者可以借助于(1)ALCAP解析器、(2)Network Instruments文件代码或(3)NetXray/Windows Sniffer文件代码造成拒绝服务(崩溃)并可能执行任意代码。
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Ethereal Group Ethereal 0.10 .10
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.10
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.10.1
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.10.11
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
RedHat ethereal-0.99.0-fc4.1.i386.rpm
Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
RedHat ethereal-0.99.0-fc4.1.ppc.rpm
Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
RedHat ethereal-0.99.0-fc4.1.src.rpm
Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
RedHat ethereal-0.99.0-fc4.1.x86_64.rpm
Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
RedHat ethereal-debuginfo-0.99.0-fc4.1.i386.rpm
Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
RedHat ethereal-debuginfo-0.99.0-fc4.1.ppc.rpm
Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
RedHat ethereal-debuginfo-0.99.0-fc4.1.x86_64.rpm
Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
RedHat ethereal-gnome-0.99.0-fc4.1.i386.rpm
Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
RedHat ethereal-gnome-0.99.0-fc4.1.ppc.rpm
Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
RedHat ethereal-gnome-0.99.0-fc4.1.x86_64.rpm
Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
Ethereal Group Ethereal 0.10.13
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.10.2
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.10.3
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.10.4
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.10.5
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.10.6
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.10.7
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.10.8
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.10.9
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.8.5
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.9
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.9.1
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.9.11
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.9.12
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.9.13
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.9.15
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
Ethereal Group Ethereal 0.9.16
Ethereal Group Ethereal 0.99.0
http://www.ethereal.com/download.html
来源: VUPEN
名称: ADV-2006-1501
来源: www.ethereal.com
来源: XF
名称: ethereal-netxwin-sniffer-bo(26027)
来源: XF
名称: ethereal-net-instr-bo(26026)
来源: XF
名称: ethereal-alcap-dissector-bo(26014)
来源: BID
名称: 17682
来源: REDHAT
名称: RHSA-2006:0420
来源: FEDORA
名称: FEDORA-2006-461
链接:http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00195.html
来源: FEDORA
名称: FEDORA-2006-456
链接:http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00194.html
来源: MANDRIVA
名称: MDKSA-2006:077
链接:http://www.mandriva.com/security/advisories?name=MDKSA-2006:077
来源: GENTOO
名称: GLSA-200604-17
链接:http://www.gentoo.org/security/en/glsa/glsa-200604-17.xml
来源: DEBIAN
名称: DSA-1049
来源: support.avaya.com
链接:http://support.avaya.com/elmodocs2/security/ASA-2006-128.htm
来源: SECTRACK
名称: 1015985
来源: SECUNIA
名称: 20944
来源: SECUNIA
名称: 20210
来源: SECUNIA
名称: 20117
来源: SECUNIA
名称: 19962
来源: SECUNIA
名称: 19958
来源: SECUNIA
名称: 19839
来源: SECUNIA
名称: 19828
来源: SECUNIA
名称: 19805
来源: SECUNIA
名称: 19769
来源: SUSE
名称: SUSE-SR:2006:010
链接:http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html
来源: MANDRIVA
名称: MDKSA-2006:077
链接:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:077