Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2005:013: ethereal Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the ethereal package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2005:013 (ethereal).
A number of vulnerabilities were found in Ethereal, all of which are fixed in
version 0.10.9: The COPS dissector could go into an infinite loop
the DLSw dissector could cause an assertion, making Ethereal
exit prematurely (CVE-2005-0007)
the DNP dissector could cause memory
the Gnutella dissector could cause an assertion,
making Ethereal exit prematurely (CVE-2005-0009)
the MMSE dissector could free
static memory (CVE-2005-0010)
and the X11 protocol dissector is vulnerable to
a string buffer overflow (CVE-2005-0084).
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:013
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.