ID de Prueba:	1.3.6.1.4.1.25623.1.0.52262
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to the system as announced in the referenced advisory. The following packages are affected: ethereal ethereal-lite tethereal tethereal-lite CVE-2004-1139 Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash). CVE-2004-1140 Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang) and possibly fill available disk space via an invalid RTP timestamp. CVE-2004-1141 The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows remote attackers to cause a denial of service (application crash) via a certain packet that causes the dissector to access previously-freed memory. CVE-2004-1142 Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. Solution: Update your system with the appropriate patches or software upgrades. http://www.ethereal.com/appnotes/enpa-sa-00016.html http://www.vuxml.org/freebsd/efa1344b-5477-11d9-a9e7-0001020eed82.html CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1139 BugTraq ID: 11943 http://www.securityfocus.com/bid/11943 Computer Incident Advisory Center Bulletin: P-061 http://www.ciac.org/ciac/bulletins/p-061.shtml Conectiva Linux advisory: CLA-2005:916 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916 http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html http://www.gentoo.org/security/en/glsa/glsa-200412-15.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:152 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11319 http://www.redhat.com/support/errata/RHSA-2005-037.html http://secunia.com/advisories/13468/ XForce ISS Database: ethereal-dicom-dos(18484) https://exchange.xforce.ibmcloud.com/vulnerabilities/18484 Common Vulnerability Exposure (CVE) ID: CVE-2004-1140 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10484 XForce ISS Database: Ethereal-rtp-dos(18485) https://exchange.xforce.ibmcloud.com/vulnerabilities/18485 Common Vulnerability Exposure (CVE) ID: CVE-2004-1141 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9473 XForce ISS Database: ethereal-http-dissector-dos(18487) https://exchange.xforce.ibmcloud.com/vulnerabilities/18487 Common Vulnerability Exposure (CVE) ID: CVE-2004-1142 Debian Security Information: DSA-613 (Google Search) http://www.debian.org/security/2004/dsa-613 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11278 XForce ISS Database: ethereal-smb-dos(18488) https://exchange.xforce.ibmcloud.com/vulnerabilities/18488
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.