User: Password:
|
|
Subscribe / Log in / New account

Eridani alert ERISA-2002:040 (ethereal)

From:  Eridani Star System <linux@eridani.co.uk>
To:  eridani-announce@eridani.co.uk
Subject:  [Eridani-Announce] ERISA-2002:040 - ethereal
Date:  Tue, 3 Sep 2002 11:20:54 +0100 (BST)

========================================================================= ERIDANI LINUX - SECURITY ANNOUNCEMENT ========================================================================= Package: ethereal Summary: Buffer overflow allows remot DoS in ISIS dissector Date: 2002-09-03 ID: ERISA-2002:040 ========================================================================= Problem description: A buffer overflow in Ethereal versions prior to 0.9.6 allows remote attackers to cause a denial of service condition or execute arbitrary code via the ISIS dissector. Buffer overflows in Ethereal verions prior to 0.9.5 allow remote attackers to cause a denial of service condition or execute arbitrary code via (1) the BGP dissector, or (2) the WCP dissector. Faults in Ethereal versions prior to 0.9.5 allow remote attackers to cause a denial of service condition and possibly execute arbitrary code via the (1) SOCKS, (2) RSVP, (3) AFS, or (4) LMP dissectors, which can be caused to core dump. This advisory supercedes ERISA-2002:023, and the old packages have been removed from the FTP server. ------------------------------------------------------------------------- Updated packages: b18f19d1e77f62b7791d8c72cd874500 ethereal-0.9.6-1.src.rpm 246c33bf63725514199e2d5281e1918c ethereal-base-0.9.6-1.i386.rpm fedfc5a781c9f1f5898190b6ad662a5f ethereal-gnome-0.9.6-1.i386.rpm dcee7e073c144e2e4991474836b32dab ethereal-gtk+-0.9.6-1.i386.rpm 6edce15a38ff1213c2f6fe629f0602a6 ethereal-kde-0.9.6-1.i386.rpm 745e018ca216425d92eedc95cfd544aa ethereal-usermode-0.9.6-1.i386.rpm ------------------------------------------------------------------------- References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0834 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0821 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0822 ========================================================================= Packages available from ftp://ftp.eridani.co.uk/pub/Aeryn/ or by HTTP from http://ftp.eridani.co.uk/ Packages are signed with our GNU GPG key, also on our FTP site. Users of releases of Eridani Linux prior to 6.3 are advised to download the source RPM and rebuild for their system. Copyright (C)2002 Eridani Star System -- Michael "Soruk" McConnell http://www.eridani.co.uk Eridani Linux -- The Most Up-to-Date Red Hat-based Linux CDROMs Available Email: linux@eridani.co.uk -- Also Debian, Slackware, Mandrake and more... _______________________________________________ Eridani-Announce mailing list To be removed from this list email linux@eridani.co.uk requesting removal.


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds