Ethereal Multiple Protocol Dissector Vulnerabilities

Solution:
Conectiva has released advisory CLA-2005:916 along with fixes dealing with these and other issues. Please see the referenced advisory for more information.

Gentoo Linux has released advisory GLSA 200406-01 dealing with this issue. All Ethereal users should upgrade to the latest stable version:

# emerge sync

# emerge -pv ">=net-analyzer/ethereal-0.10.4"
# emerge ">=net-analyzer/ethereal-0.10.4"

Please see the referenced Gentoo Linux advisory for more information.

The vendor has released version 0.10.4 to address these issues.

RedHat has released an advisory (RHSA-2004:234-06) to address these issues in RedHat Enterprise solutions. Please see the advisory in web references for more information.

Redhat has released advisories for Fedora Core 1 (FEDORA-2004-152) and Fedora Core 2 (FEDORA-2004-172) addressing these issues. Please see the referenced advisories for further information.

SGI has released a security advisory (20040604-01-U) to address this and other issues in SGI ProPack 3. Please see the referenced advisory for more information.

SGI has released a security advisory (20040605-01-U) to address this and other issues in SGI ProPack 2.4. Please see the referenced advisory for more information.

RedHat has released a Fedora legacy advisory (FLSA:1840) to address various issues in Ethereal. This advisory fixes these issues in Red Hat Linux 7.3 and 9 running on the i386 architecture. Please see the referenced advisory for more details and information about obtaining fixes.

SuSE Linux has made an advisory (SUSE-SR:2004:002) available. Please see the reference section for more information.


Ethereal Group Ethereal 0.10.1

Ethereal Group Ethereal 0.10.2

Ethereal Group Ethereal 0.10.3

SGI ProPack 2.4

SGI ProPack 3.0


 

Privacy Statement
Copyright 2010, SecurityFocus