Updated Ethereal packages that fix a number of exploitable security issues
are now available.
Ethereal is a program for monitoring network traffic.
A number of security issues affect Ethereal. By exploiting these issues,
it may be possible to make Ethereal crash or run arbitrary code by
injecting a purposefully-malformed packet onto the wire or by convincing
someone to read a malformed packet trace file.
A buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers
to cause a denial of service and possibly execute arbitrary code via a
malformed GTP MSISDN string. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CAN-2003-0925 to
this issue.
Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of
service (crash) via certain malformed ISAKMP or MEGACO packets. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2003-0926 to this issue.
A heap-based buffer overflow in Ethereal 0.9.15 and earlier allows
remote attackers to cause a denial of service (crash) and possibly
execute arbitrary code via the SOCKS dissector. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0927
to this issue.
Users of Ethereal should update to these erratum packages containing
Ethereal version 0.9.16, which is not vulnerable to these issues.
| Red Hat Linux 7.2 |
|
| SRPMS: |
ftp://updates.redhat.com/7.2/en/os/SRPMS/ethereal-0.9.16-0.72.1.src.rpm
Missing file |
51b11630b7e941a445b9e5b3c78bad71 |
| |
| IA-32: |
ftp://updates.redhat.com/7.2/en/os/i386/ethereal-0.9.16-0.72.1.i386.rpm
Missing file |
d82608ed91c6eedf65727684c6db5305 |
ftp://updates.redhat.com/7.2/en/os/i386/ethereal-gnome-0.9.16-0.72.1.i386.rpm
Missing file |
4f77f1ff00345c5ac17fab320d266623 |
| |
| IA-64: |
ftp://updates.redhat.com/7.2/en/os/ia64/ethereal-0.9.16-0.72.1.ia64.rpm
Missing file |
6dd40a5f31ab113ba0e0165f8c1a50e4 |
ftp://updates.redhat.com/7.2/en/os/ia64/ethereal-gnome-0.9.16-0.72.1.ia64.rpm
Missing file |
d7b8d27500bdb6a81b1b2040c994299a |
| |
| Red Hat Linux 7.3 |
|
| SRPMS: |
ftp://updates.redhat.com/7.3/en/os/SRPMS/ethereal-0.9.16-0.73.1.src.rpm
Missing file |
1851780c3ca9c4b41154fde464f7baa5 |
| |
| IA-32: |
ftp://updates.redhat.com/7.3/en/os/i386/ethereal-0.9.16-0.73.1.i386.rpm
Missing file |
3606cb008369c2d23de53e595c1e4a3b |
ftp://updates.redhat.com/7.3/en/os/i386/ethereal-gnome-0.9.16-0.73.1.i386.rpm
Missing file |
8db80d03f546cf633ff2346e57ff4492 |
| |
| Red Hat Linux 8.0 |
|
| SRPMS: |
ftp://updates.redhat.com/8.0/en/os/SRPMS/ethereal-0.9.16-0.80.1.src.rpm
Missing file |
ea4799792230ece8074d766371e377f5 |
| |
| IA-32: |
ftp://updates.redhat.com/8.0/en/os/i386/ethereal-0.9.16-0.80.1.i386.rpm
Missing file |
3f794942c054cc80e211e235d2bd80a6 |
ftp://updates.redhat.com/8.0/en/os/i386/ethereal-gnome-0.9.16-0.80.1.i386.rpm
Missing file |
eb651ff758ac8e58e5edbac838930df8 |
| |
| Red Hat Linux 9 |
|
| SRPMS: |
ethereal-0.9.16-0.90.1.src.rpm
File outdated by: RHSA-2004:137 |
45868a8ab244bee8b26454bd64c8894c |
| |
| IA-32: |
ethereal-0.9.16-0.90.1.i386.rpm
File outdated by: RHSA-2004:137 |
b0397b5f2745d05ebc9775bcf46ae26f |
ethereal-gnome-0.9.16-0.90.1.i386.rpm
File outdated by: RHSA-2004:137 |
f29f45d6e0c2f5eba2fb524df3ead36d |
| |
Updated Ethereal packages fix security issues