Updated ethereal packages are available for Red Hat Powertools 6.2, 7, and 7.1. These packages are required for the Red Hat Security Advisory regarding applications linked against the old ucd-snmp libraries and also fix other security issues in ethereal.
Ethereal is a network traffic analyzer and monitor. The Red Hat Security Advisory for ucd-snmp included updated libraries. All applications linked against the old ucd-snmp libraries need to be updated. If you have updated your ucd-snmp package you must update the ethereal package as well. For all other third party applications possibly affected by the Red Hat Security Advisory for ucd-snmp, please contact the software vendor. This errata provides Ethereal version 0.9.6. Previous versions of Ethereal were found to contain a number of security issues: Buffer overflow in Ethereal 0.9.5 and earlier allows remote attackers to cause a denial of service or execute arbitrary code via the ISIS dissector. (CAN-2002-0834) Buffer overflows in Ethereal 0.9.4 and earlier allow remote attackers to cause a denial of service or execute arbitrary code via the BGP dissector or the WCP dissector. (CAN-2002-0821) Ethereal 0.9.4 and earlier allows remote attackers to cause a denial of service and possibly excecute arbitrary code via the SOCKS, RSVP, AFS, or LMP dissectors, which can be caused to core dump. (CAN-2002-0822) Due to improper string and error handling in Ethereal's ASN.1 parser, it is possible for a malformed SNMP or LDAP packet to cause a memory allocation or buffer overrun error in Ethereal versions before 0.9.2. (CAN-2002-0013 CAN-2002-0012) The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possibly due to zero-length fields. (CAN-2002-0353) The SMB dissector in Ethereal prior to version 0.9.2 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer. (CAN-2002-0401) A buffer overflow in X11 dissector in Ethereal before 0.9.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code while Ethereal is parsing keysyms. (CAN-2002-0402) The DNS dissector in Ethereal before 0.9.4 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet that causes Ethereal to enter an infinite loop. (CAN-2002-0403) A vulnerability in the GIOP dissector in Ethereal before 0.9.4 allows remote attackers to cause a denial of service (memory consumption). (CAN-2002-0404)
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center