LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 24, 2012

A uTouch architecture introduction

LWN.net Weekly Edition for May 17, 2012

Tasting the Ice Cream Sandwich

Highlights from the PostgreSQL 9.2 beta

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Eridani alert ERISA-2002:023 (ethereal)

From:	 Eridani Star System <linux@eridani.co.uk>
To:	 eridani-announce@eridani.co.uk
Subject: [Eridani-Announce] ERISA-2002:023 - ethereal
Date:	 Thu, 6 Jun 2002 17:53:15 +0100 (BST)

=========================================================================
		ERIDANI LINUX - SECURITY ANNOUNCEMENT
=========================================================================

Package:	ethereal
Summary:	Multiple possible explots
Date:		2002-06-06
ID:		ERISA-2002:023

=========================================================================

Problem description:

  Ethereal versions prior to 0.9.4 suffer from several vulnerabilities
  which result in that it may be possible to make Ethereal crash or hang by 
  injecting a purposefully malformed packet onto the wire, or by convincing 
  someone to read a malformed packet trace file. It may be possible to make
  Ethereal run arbitrary code by exploiting the buffer and pointer problems.

-------------------------------------------------------------------------
Updated packages:

  dc09613033cfcb7f4f771938e63fcefa  ethereal-0.9.4-1.src.rpm

  75842183b3bfadc9c38e239d4370b791  ethereal-base-0.9.4-1.i386.rpm
  c0ae5c3a47d330c084f32dd52a6ff3a4  ethereal-gnome-0.9.4-1.i386.rpm
  1404dce5aaf49913866260b48f561505  ethereal-gtk+-0.9.4-1.i386.rpm
  8385a7dae38aae8214b53f43dab9da77  ethereal-kde-0.9.4-1.i386.rpm
  fc76d30332a9924baa2941f9855d214e  ethereal-usermode-0.9.4-1.i386.rpm

-------------------------------------------------------------------------
References:

  http://www.ethereal.com/appnotes/enpa-sa-00004.html

=========================================================================

Packages available from ftp://ftp.eridani.co.uk/pub/Aeryn/
or by HTTP from http://ftp.eridani.co.uk/

Packages are signed with our GNU GPG key, also on our FTP site.

Users of releases of Eridani Linux prior to 6.3 are advised to download   
the source RPM and rebuild for their system.

Copyright (C)2002 Eridani Star System

-- Michael "Soruk" McConnell                       http://www.eridani.co.uk
Eridani Linux  --  The Most Up-to-Date Red Hat-based Linux CDROMs Available
Email: linux@eridani.co.uk -- Also Debian, Slackware, Mandrake and more...

_______________________________________________
Eridani-Announce mailing list
To be removed from this list email linux@eridani.co.uk requesting removal.
(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds