Security Advisory Ethereal vulnerable to buffer overflows

Advisory: RHSA-2000:116-05
Type: Security Advisory
Severity: N/A
Issued on: 2000-12-05
Last updated on: 2000-12-05
Affected Products: Red Hat Linux 6.2
Red Hat Linux 7.0
OVAL: N/A
CVEs (cve.mitre.org): CVE-2000-1174

Details

Updated Ethereal packages are available.

Versions of Ethereal prior to 0.8.14 are vulnerable to buffer overflows.
The ethereal-0.8.14 packages correct this problem.


Solution

For each RPM for your particular architecture, run:



rpm -Fvh [filename]



where filename is the name of the RPM.

Updated packages

Red Hat Linux 6.2
alpha:
ftp://updates.redhat.com/6.2/alpha/ethereal-0.8.14-1.alpha.rpm
Missing file		     1d5f8aa293442f13f48daff591bbcfa0
 
i386:
ftp://updates.redhat.com/6.2/i386/ethereal-0.8.14-1.i386.rpm
Missing file		     6bd72ad178e8f8f5aa6697c35393ab77
 
sparc:
ftp://updates.redhat.com/6.2/sparc/ethereal-0.8.14-1.sparc.rpm
Missing file		     23b04d12995a9ef68316bde5c9cb4c69
 
Red Hat Linux 7.0
alpha:
ftp://updates.redhat.com/7.0/alpha/ethereal-0.8.14-3.alpha.rpm
Missing file		     f66c8f700e762f1fcd03659f0e27626a
 
i386:
ftp://updates.redhat.com/7.0/i386/ethereal-0.8.14-3.i386.rpm
Missing file		     fd164d3509dde25d21fd7cb926ba0e65
 

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1174
http://www.securityfocus.com/frames/?content=/vdb/bottom.html%3Fvid%3D1972

Keywords

buffer

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/