Quote from <http://www.ethereal.com/appnotes/enpa-sa-00011.html>:
Potential security issues have been discovered in the following protocol
dissectors:
* An improperly formatted GTP MSISDN string could cause a buffer
overflow.
* A malformed ISAKMP or MEGACO packet could make Ethereal or
Tethereal crash.
* The SOCKS dissector was susceptible to a heap overlfow.
Impact:
It may be possible to make Ethereal crash or run arbitrary code
by injecting a purposefully malformed packet onto the wire, or
by convincing someone to read a malformed packet trace file.
Resolution:
Upgrade to 0.9.16.
If you are running a version prior to 0.9.16 and you cannot
upgrade, you can disable the GTP, ISAKMP, MEGACO, and SOCKS
protocol dissectors by selecting Edit->Protocols... and
deselecting them from the list.
SOLUTION:
It is recommended that all Gentoo Linux users who are running
net-analyzer/ethereal 0.9.x upgrade:
Hash: SHA1
- - ------------------------------------------------------------------------
---
GENTOO LINUX SECURITY ANNOUNCEMENT 200311-04
- - ------------------------------------------------------------------------
---
GLSA: 200311-04
package: net-analyzer/ethereal
summary: Security problems in Ethereal 0.9.15
severity: normal
Gentoo bug: 32691
date: 2003-11-22
CVE: none
exploit: remote
affected: <0.9.16
fixed: >=0.9.16
DESCRIPTION:
Quote from <http://www.ethereal.com/appnotes/enpa-sa-00011.html>:
Potential security issues have been discovered in the following protocol
dissectors:
* An improperly formatted GTP MSISDN string could cause a buffer
overflow.
* A malformed ISAKMP or MEGACO packet could make Ethereal or
Tethereal crash.
* The SOCKS dissector was susceptible to a heap overlfow.
Impact:
It may be possible to make Ethereal crash or run arbitrary code
by injecting a purposefully malformed packet onto the wire, or
by convincing someone to read a malformed packet trace file.
Resolution:
Upgrade to 0.9.16.
If you are running a version prior to 0.9.16 and you cannot
upgrade, you can disable the GTP, ISAKMP, MEGACO, and SOCKS
protocol dissectors by selecting Edit->Protocols... and
deselecting them from the list.
SOLUTION:
It is recommended that all Gentoo Linux users who are running
net-analyzer/ethereal 0.9.x upgrade:
emerge sync
emerge '>=net-analyzer/ethereal-0.9.16'
emerge clean
- --
Andrea Barisani <lcars (at) gentoo (dot) org [email concealed]> .*.
Gentoo Linux Infrastructure Developer V
( )
GPG-Key 0xC9EE0905 http://dev.gentoo.org/~lcars/pubkey.asc ( )
491D E9E0 3875 0EC9 10DD 150B CAA9 2C7D C9EE 0905 ^^_^^
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/wi7qyqksfcnuCQURAtzrAJ9aRrV+aALW2vrSlcdgZmKshnS3kACfVz2E
IZI8yNOWjMb81RRpK6IY+wE=
=IPJD
-----END PGP SIGNATURE-----
[ reply ]