Ethereal SOCKS Dissector Format String Vulnerability

Solution:
Red Hat has released a security advisory (RHSA-2003:077-13) containing fixes which address this and other issues with ethereal. See referenced advisory for further details on obtaining and applying fixes.

SuSE has released a security advisory (SuSE-SA:2003:019) which contains fixes for this issue. Users are advised to upgrade as soon as possible.

Debian have released a security advisory (DSA 258-1) which contains fixes for this issue. Users are advised to upgrade as soon as possible.

Gentoo Linux has released an advisory (200303-10). Users who have installed
net-analyzer/ethereal are advised to upgrade to ethereal-0.9.10 by issuing the
following commands:

emerge sync
emerge ethereal
emerge clean

Red Hat has released a security advisory (RHSA-2003:076-01) containing fixes which address this and other issues with ethereal. users are advised to upgrade as soon as possible.

Fixes available:


Ethereal Group Ethereal 0.8.18

Ethereal Group Ethereal 0.9

Ethereal Group Ethereal 0.9.1

Ethereal Group Ethereal 0.9.2

Ethereal Group Ethereal 0.9.3

Ethereal Group Ethereal 0.9.4

Ethereal Group Ethereal 0.9.5

Ethereal Group Ethereal 0.9.6

Ethereal Group Ethereal 0.9.7

Ethereal Group Ethereal 0.9.8

Ethereal Group Ethereal 0.9.9


 

Privacy Statement
Copyright 2010, SecurityFocus