Ethereal Multiple Protocol Dissector Vulnerabilities
Conectiva has released advisory CLA-2005:916 along with fixes dealing with these and other issues. Please see the referenced advisory for more information.
Gentoo Linux has released advisory GLSA 200406-01 dealing with this issue. All Ethereal users should upgrade to the latest stable version:
# emerge sync
# emerge -pv ">=net-analyzer/ethereal-0.10.4"
# emerge ">=net-analyzer/ethereal-0.10.4"
Please see the referenced Gentoo Linux advisory for more information.
The vendor has released version 0.10.4 to address these issues.
RedHat has released an advisory (RHSA-2004:234-06) to address these issues in RedHat Enterprise solutions. Please see the advisory in web references for more information.
Redhat has released advisories for Fedora Core 1 (FEDORA-2004-152) and Fedora Core 2 (FEDORA-2004-172) addressing these issues. Please see the referenced advisories for further information.
SGI has released a security advisory (20040604-01-U) to address this and other issues in SGI ProPack 3. Please see the referenced advisory for more information.
SGI has released a security advisory (20040605-01-U) to address this and other issues in SGI ProPack 2.4. Please see the referenced advisory for more information.
RedHat has released a Fedora legacy advisory (FLSA:1840) to address various issues in Ethereal. This advisory fixes these issues in Red Hat Linux 7.3 and 9 running on the i386 architecture. Please see the referenced advisory for more details and information about obtaining fixes.
SuSE Linux has made an advisory (SUSE-SR:2004:002) available. Please see the reference section for more information.
Ethereal Group Ethereal 0.10.1
Ethereal Group Ethereal 0.10.2
Ethereal Group Ethereal 0.10.3
SGI ProPack 2.4
SGI ProPack 3.0