Yellow Dog Linux Security Announcement -------------------------------------- Package: ethereal Issue Date: October 20, 2002 Priority: high Advisory ID: YDU-20021020-2 1. Topic: Updated ethereal packages are available. 2. Problem: "Ethereal is a package designed for monitoring network traffic on your system. Several security issues have been found in the Ethereal packages distributed with [Yellow Dog Linux 2.3]. A buffer overflow in Ethereal 0.9.5 and earlier allows remote attackers to cause a denial of service or execute arbitrary code via the ISIS dissector. (CAN-2002-0834) Buffer overflows in Ethereal 0.9.4 and earlier allow remote attackers to cause a denial of service or execute arbitrary code via (1) the BGP dissector, or (2) the WCP dissector. (CAN-2002-0821) Ethereal 0.9.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) SOCKS, (2) RSVP, (3) AFS, or (4) LMP dissectors, which can be caused to core dump. (CAN-2002-0822) Users of Ethereal should update to the errata packages containing Ethereal version 0.9.6 which is not vulnerable to these issues." (from Red Had advisory) 3. Solution: a) Updating via apt... We suggest that you use the apt-get program to keep your system up-to-date. The following command(s) will retrieve and install the fixed version of this update onto your system: apt-get update apt-get install ethereal b) Updating manually... Download the updates below and then run the following rpm command. (Please use a mirror site) rpm -Fvh [filenames] ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/yellowdog-2.3/ ppc/ethereal-0.9.6-0.73.0.3a.ppc.rpm ppc/ethereal-gnome-0.9.6-0.73.0.3a.ppc.rpm ppc/ucd-snmp-4.2.5-7.72.0.3a.ppc.rpm ppc/ucd-snmp-devel-4.2.5-7.72.0.3a.ppc.rpm ppc/ucd-snmp-utils-4.2.5-7.72.0.3a.ppc.rpm 4. Verification MD5 checksum Package -------------------------------- ---------------------------- 68336389adae502d1efcfdc063f6e762 ppc/ethereal-0.9.6-0.73.0.3a.ppc.rpm 1ad73e6d86cf2a1f50e616bc73eef1d2 ppc/ethereal-gnome-0.9.6-0.73.0.3a.ppc.rpm 4160033c3d5e9ae7adcb1e2b0afb981d ppc/ucd-snmp-4.2.5-7.72.0.3a.ppc.rpm c5880361be88e88ae9447a566e25cb79 ppc/ucd-snmp-devel-4.2.5-7.72.0.3a.ppc.rpm b7929dea84f8c1e96b0899861775cac8 ppc/ucd-snmp-utils-4.2.5-7.72.0.3a.ppc.rpm cecd4609cd30533039cce005353c50fa SRPMS/ethereal-0.9.6-0.73.0.3a.src.rpm c21a3cd422e6087b1246d0a7f15fd383 SRPMS/ucd-snmp-4.2.5-7.72.0.3a.src.rpm I wish to verify that each package has not been corrupted or tampered with, examine the md5sum with the following command: rpm --checksig --nogpg filename 5. Misc. Terra Soft has setup a moderated mailing list where these security, bugfix, and package enhancement announcements will be posted. See http://lists.terrasoftsolutions.com/ for more information. For information regarding the usage of apt-get, see: http://www.yellowdoglinux.com/support/solutions/ydl_general/apt-get.shtml