Multiple Ethereal Protocol Dissector Vulnerabilities
Mandrake has released an advisory (MDKSA-2003:114) to address this issue. Users who are potentially affected by this vulnerability are advised to apply relative fixes as soon as possible. Further information regarding obtaining and applying these fixes can be found in the referenced advisory. Fixes are linked below.
Turbolinux have released an advisory (TLSA-2003-64) to address this issue. Users who are potentially affected by this vulnerability are advised to apply relative fixes as soon as possible. Further information regarding obtaining and applying these fixes can be found in the referenced advisory.
Red Hat has released an advisory (RHSA-2003:324-09) that addresses this issue on Red Hat Enterprise edition Linux. Customers who are potentially affected by this vulnerability are advised to apply appropriate fixes as soon as possible. Customers can download these fixes from the Red Hat network; further information is available in the referenced advisory.
Conectiva has released advisories CLA-2003:780 and CLSA-2003:793 to address these issues. Please see the attached advisory for details on obtaining and applying fixes.
Red Hat has released a security advisory (RHSA-2003:323-01) containing fixes to address this issue. Users are advised to upgrade as soon as possible.
SGI has released an advisory (20031101-01-U) pertaining to their ProPack Linux distribution. The advisory has been released in response to a number of RHSA advisories, and includes a patch (Patch 10032) containing updated RPM packages relating to a number of different BIDS.
Patch 10032 can be obtained via the following link:
For information regarding how to obtain individual RPM packages included in Patch 10032, please see the attached advisory.
Gentoo has released an advisory that includes updates for these issues. These updates may be applied with the following commands:
Ethereal 0.9.16 has been released to address these issues.
RedHat has released fixes for the experimental operating system Fedora. These fixes address Ethereal Group Ethereal 0.9.13 shipped with Fedora Core1.
Sun has released fixes for Sun Linux version 5.0.7.
Debian has released security advisory DSA 407-1 to address this issue.
Ethereal Group Ethereal 0.9
Ethereal Group Ethereal 0.9.1
Ethereal Group Ethereal 0.9.10
Ethereal Group Ethereal 0.9.11
Ethereal Group Ethereal 0.9.12
Ethereal Group Ethereal 0.9.13
Ethereal Group Ethereal 0.9.14
Ethereal Group Ethereal 0.9.15
Ethereal Group Ethereal 0.9.2
Ethereal Group Ethereal 0.9.3
Ethereal Group Ethereal 0.9.4
Ethereal Group Ethereal 0.9.5
Ethereal Group Ethereal 0.9.6
Ethereal Group Ethereal 0.9.7
Ethereal Group Ethereal 0.9.8
Ethereal Group Ethereal 0.9.9
Turbolinux Turbolinux Desktop 10.0
Sun Linux 5.0.7
Mandriva Linux Mandrake 9.1 ppc
Mandriva Linux Mandrake 9.1
Mandriva Linux Mandrake 9.2