Esta disponível nova versão Ethereal para correcção de vulnerabilidades

Categoria: Alertas

quinta, 28 julho 2005 13:52

Sistemas Operativos Implicados:	Windows XP/NT/2K/Me/98/95, Linux, FreeBSD/OpenBSD, Solaris
Aplicações Implicadas:	Indefinido

É aconselhável, fazer upgrade ao ethereal para a versão 0.10.12, isto devido aos vários problemas encontrados nas versões 0.8.5 a 0.10.10.
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
UNIRAS (UK Govt CERT) Briefing Notice - 588/05 dated 28.07.05 Time: 13:18
UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- ----------------------------------------------------------------------------------
UNIRAS material is also available from its website at www.uniras.gov.uk and
Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====
Ethereal - Ethereal 0.10.12 has been released


Detail
======

Ethereal 0.10.12 has been released.

Our testing program has turned up several more security issues:

The LDAP dissector could free static memory and crash.
Versions affected: 0.8.5 to 0.10.11

The AgentX dissector could crash.
Versions affected: 0.10.10 to 0.10.11

The 802.3 dissector could go into an infinite loop.
Versions affected: 0.8.16 to 0.10.11

The PER dissector could abort.
Versions affected: 0.10.5 to 0.10.11

The DHCP dissector could go into an infinite loop.
Versions affected: 0.10.7 to 0.10.11

The BER dissector could abort or loop infinitely.
Version affected: 0.10.11

The MEGACO dissector could go into an infinite loop.
Versions affected: 0.9.14 to 0.10.11

The GIOP dissector could dereference a null pointer.
Versions affected: 0.8.20 to 0.10.11

The SMB dissector was susceptible to a buffer overflow.
Versions affected: 0.9.12 to 0.10.11

The WBXML could dereference a null pointer.
Versions affected: 0.10.1 to 0.10.11

The H1 dissector could go into an infinite loop.
Versions affected: 0.8.15 to 0.10.11

The DOCSIS dissector could cause a crash.
Versions affected: 0.9.13 to 0.10.11

The SMPP dissector could go into an infinite loop.
Versions affected: 0.10.1 to 0.10.11

SCTP graphs could crash.
Version affected: 0.10.11

The HTTP dissector could crash.
Versions affected: 0.10.4 to 0.10.11

The SMB dissector could go into a large loop.
Versions affected: 0.9.0 to 0.10.11

The DCERPC dissector could crash.
Versions affected: 0.9.16 to 0.10.11.

Several dissectors could crash while reassembling packets.
Versions affected: 0.9.0 to 0.10.11


Steve Grubb at Red Hat found the following issues:

The CAMEL dissector could dereference a null pointer.
Version affected: 0.10.11

The DHCP dissector could crash.
Versions affected: 0.10.4 to 0.10.11

The CAMEL dissector could crash.
Versions affected: 0.10.10 to 0.10.11

The PER dissector could crash.
Versions affected: 0.10.10 to 0.10.11

The RADIUS dissector could crash.
Versions affected: 0.9.4 to 0.10.11

The Telnet dissector could crash.
Versions affected: 0.9.10 to 0.10.11

The IS-IS LSP dissector could crash.
Versions affected: 0.8.19 to 0.10.11

The NCP dissector could crash.
Versions affected: 0.9.15 to 0.10.11


iDEFENSE found the following issues:

Several dissectors were susceptible to a format string overflow.
Versions affected: 0.9.4 to 0.10.11


Ethereal uses the zlib compression library. Security vulnerabilities
have been discovered in zlib 1.2.1 and 1.2.2. The Windows installer
now ships with zlib 1.2.3, which fixes these vulnerabilities.


Please see the following advisory for more information:

http://www.ethereal.com/appnotes/enpa-sa-00020.html

Everyone is encouraged to upgrade.


New and updated features

The Windows installer now includes the WinPcap 3.1 beta 4 installer.
You don"t have to download and install it separately.

RADIUS dictionaries are now included.

A lot of documentation was updated

Some command line parameters have changed, see the Ethereal / Tethereal
manual pages

A "File/File Set" submenu was added to better handle multiple files
(such as ring buffers).

Flow graphs can now be created for any protocol.

Memory management has been greatly improved.

JXTA has been added to the conversations menu.

When compiled with MIT/Heimdal Kerberos AND if keytab files are
provided, Ethereal can now decrypt and dissect both SecureLDAP and
encrypted DCE/RPC.

TCP Sequence graphs should now work for all captures and all
encapsulation types.


New protocol support

ACSE, ARMAGETRONAD, AudioCodes trunk trace, CSM_ENCAPS, DEC DNA Routing,
DIS, FTAM, iFCP, Juniper PPPoE, MMS, MS MediaServer, MSRP, Parlay,
Synergy, TANGO, WLAN Certificate Extensions


Updated protocol support

802.11 Radiotap, 9P, ACSE, AFP, AgentX, AIM, ANSI MAP, BACapp, BVLC,
Camel, CLNP, CMIP, DCERPC, DCOM, DHCP, DHCP Failover, DHCPv6, DICOM,
DNP, DNS, DOCSIS, EAP, Ethernet, FC ELS, FCIP, FCP, FC-SWILS, GIOP,
GSM A, GSM MAP, GSSAPI, GTP, H1, H.221, H.225, H.235, H.245, H.248,
H.450, HPSW, HTTP, HyperSCSI, ICMP, IEEE 802.11, IEEE 802.3, iFCP,
IP, IPDC, ISAKMP, iSCSI, iSNS, ISUP, JXTA, Kerberos, KINK, LDAP, LLC,
LMP, LWAPP, MEGACO, MGCP, MMSE, NDMP, NDPS, NFS, NTLMSSP, OSI, OSPF,
PER, PPP, PRES, PROFINET, RDT, RMT, RPC, RSVP, Rsync, RTP, RTSP, SCSI,
SCTP, SDP, SIP, SMB, SMPP, SNMP, SPNEGO, SSCOP, SSL, T.38, TCAP, TCP,
Telnet, TFTP, TPKT, UDP, UDVM, UMA, V5UA, WBXML, WSP, XML, YMSG, YPSERV


New and updated capture file support

HP Nettl, Tektronix K12


Download Sites

The source code, Windows and Solaris installers can be downloaded
immediately from the following locations:

Main site:

Source:

http://www.ethereal.com/distribution/ethereal-0.10.12.tar.gz
http://www.ethereal.com/distribution/ethereal-0.10.12.tar.bz2

Windows installer:

http://www.ethereal.com/distribution/win32/ethereal-setup-0.10.12.exe

Solaris installers:

http://www.ethereal.com/distribution/solaris/

SourceForge:

http://sourceforge.net/project/showfiles.php?group_id=255


The mirror sites listed at

http://www.ethereal.com/download.html#releases

should be updated shortly.


Digests

MD5(ethereal-0.10.12.tar.bz2)=372b60e6eca14b7e1cf3e789207027f7
SHA1(ethereal-0.10.12.tar.bz2)=d08ddf9135fd56ac0a2c0dc17436c4e0736590fe
RIPEMD160(ethereal-0.10.12.tar.bz2)=4d974b372a040fb70fdcc264d84f84e77e58247f

MD5(ethereal-0.10.12.tar.gz)=7a8b7f8575e55837dcc18e6199dc1f7d
SHA1(ethereal-0.10.12.tar.gz)=c1120a43987e8fb7ede35ec1136926e0e4a1fbc1
RIPEMD160(ethereal-0.10.12.tar.gz)=aeb725524ab89fc0ace4ed6fd27b2c388b7b011b

MD5(ethereal-setup-0.10.12.exe)=f357bebd1a8ff15dbaa5e71b95d39d58
SHA1(ethereal-setup-0.10.12.exe)=9a2537e2157d69a18e6e4349b96c13516976d5ba
RIPEMD160(ethereal-setup-0.10.12.exe)=f18bdb296c5795a6b1e105ab9ed54d3469d937b4

MD5(ethereal-0.10.12-solaris2.8-sparc-local.bz2)=3a9b0077068f880872f201df53525079
SHA1(ethereal-0.10.12-solaris2.8-sparc-local.bz2)=6f7697cf902598c06b11a2205ec152408697abcf
RIPEMD160(ethereal-0.10.12-solaris2.8-sparc-local.bz2)=710cc53e11764005efb65b4a1f45c8426452a873

MD5(ethereal-0.10.12-solaris2.9-sparc-local.bz2)=7a9f0a3811631a5cb5226d73b54de321
SHA1(ethereal-0.10.12-solaris2.9-sparc-local.bz2)=5bd95735ade47ed5536a89844c2687446bafa919
RIPEMD160(ethereal-0.10.12-solaris2.9-sparc-local.bz2)=3edad3db9235b7da6eeab373995ec9f7956ae5ba

MD5(patch-ethereal-0.10.11-to-0.10.12.diff.bz2)=8b60c0989d5fbf705b02112cce67789a
SHA1(patch-ethereal-0.10.11-to-0.10.12.diff.bz2)=42c5711993b8b7366fc3d7de0964034a8f140a37
RIPEMD160(patch-ethereal-0.10.11-to-0.10.12.diff.bz2)=a90a1f95c7a88c141f2a66feb3fd293d088fd92b



- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by
telephone or Not Protectively Marked information may be sent via
EMail to: Este endereçod e email está protegido contra piratas. Necessita ativar o JavaScript para o visualizar.

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Ethereal for the information
contained in this Briefing.
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some
of the information may have changed since it was released. If the vulnerability
affects you, it may be prudent to retrieve the advisory from the canonical site
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade
name, trademark manufacturer, or otherwise, does not constitute or imply
its endorsement, recommendation, or favouring by UNIRAS or NISCC. The views
and opinions of authors expressed within this notice shall not be used for
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors
or omissions contained within this briefing notice. In particular, they shall
not be liable for any loss or damage whatsoever, arising from or in connection
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST)
and has contacts with other international Incident Response Teams (IRTs) in
order to foster cooperation and coordination in incident prevention, to prompt
rapid reaction to incidents, and to promote information sharing amongst its
members and the community at large.
- ----------------------------------------------------------------------------------


-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQCVAwUBQujM64pao72zK539AQFlPgQAiyY/H0axqAbIg1g9OKLw74jqvqtU2XzG
Zs3y8lrrwJ5uDY8Xs8zodsrQJZTAvsQ1dIU9/rTD7OTiKQKbQrItXuJ2G65HYDaF
GbUfEYeukY3nVWpfobWMEonmrUllCXzD2f0BPCczK9OtLlmDx4IBsxJPq1fT+Hbs
Mb+9j3b93Gc=
=0y7j
-----END PGP SIGNATURE-----