Conectiva alert: ethereal

Posted by dave on Mar 31, 2004 1:29 PM EDT
Mailing list
Mail this story
Print this story

ith a graphical user interface (GUI). This update fixes several vulnerabilities[2] in Ethereal.

Hash: SHA1

- -------------------------------------------------------------------------- CONECTIVA LINUX SECURITY ANNOUNCEMENT - --------------------------------------------------------------------------

PACKAGE : ethereal SUMMARY : Several remote vulnerabilities DATE : 2004-03-31 17:50:00 ID : CLA-2004:835 RELEVANT RELEASES : 8, 9

- -------------------------------------------------------------------------

DESCRIPTION Ethereal[1] is a powerful network traffic analyzer with a graphical user interface (GUI). This update fixes several vulnerabilities[2] in Ethereal: CAN-2004-0176: Stefan Esser discovered thirteen buffer overflows in the dissector of the NetFlow, IGAP, EIGRP, PGM, IrDA, BGP, ISUP, and TCAP protocol dissectors[3]. CAN-2004-0365: Jonathan Heussser discovered a denial of service vulnerability in the RADIUS protocol dissector[4]. CAN-2004-0367: A zero-length presentation protocol selector can be exploited to cause a denial of service[5]. These vulnerabilities can be exploited by a attacker who is able to insert crafted packets in the wire being monitored by ethereal or make an user open a trace file with such packets inside. When reading this data, Ethereal will crash (characterizing a denial of service condition) or, in the case of the buffer overflow vulnerabilities, may execute arbitrary code with the privileges of the user running it (usually root).

SOLUTION It is recommended that all Ethereal users upgrade their packages. REFERENCES 1. 2. 3. 4. 5.


ADDITIONAL INSTRUCTIONS The apt tool can be used to perform RPM packages upgrades:

- run: apt-get update - after that, execute: apt-get upgrade

Detailed instructions regarding the use of apt and upgrade examples can be found at

- ------------------------------------------------------------------------- All packages are signed with Conectiva's GPG key. The key and instructions on how to import it can be found at Instructions on how to check the signatures of the RPM packages can be found at

- ------------------------------------------------------------------------- All our advisories and generic update instructions can be viewed at

- ------------------------------------------------------------------------- Copyright (c) 2004 Conectiva Inc.

- ------------------------------------------------------------------------- subscribe: [] unsubscribe: [] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see

iD8DBQFAay9o42jd0JmAcZARAubfAKDUv5hW1OW5qMqokQXSZ4OusvX2FgCgo/Hi Kva4tl8Bxs820h0mmtWNoEo= =gMER -----END PGP SIGNATURE-----


» Read more about: Story Type: Security; Groups: Conectiva

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.