[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[linux-security] ethereal remote exploit
- To: linux-security
- Subject: [linux-security] ethereal remote exploit
- From: Martin Siegert <siegert@sfu.ca>
- Date: Fri, 30 May 2003 14:24:43 -0700
- User-Agent: Mutt/1.4.1i
Topic
=====
remote exploit in ethereal
Problem Description
===================
Ethereal is a package designed for monitoring network traffic.
Ethereal 0.9.9 and earlier allows remote attackers to cause a denial
of service (crash) and possibly execute arbitrary code via carefully
crafted SOCKS packets. Additionally, a heap-based buffer overflow in
the NTLMSSP code for Ethereal 0.9.9 and earlier allows remote attackers
to cause a denial of service and possibly execute arbitrary code.
Affected Versions
=================
ethereal 0.9.9 and earlier
Solution
========
upgrade to version 0.9.11 or later (or upgrade to patched version
for your distribution)
RedHat 7.2
----------
rpm -Fvh ethereal-0.9.11-1.72.1.i386.rpm \
ethereal-gnome-0.9.11-1.72.1.i386.rpm
RedHat 7.3
----------
rpm -Fvh ethereal-0.9.11-1.73.0.i386.rpm \
ethereal-gnome-0.9.11-1.73.0.i386.rpm
RedHat 8.0
----------
rpm -Fvh ethereal-0.9.11-1.80.0.i386.rpm \
ethereal-gnome-0.9.11-1.80.0.i386.rpm
RedHat 9
--------
rpm -Fvh ethereal-0.9.11-0.90.1.i386.rpm \
ethereal-gnome-0.9.11-0.90.1.i386.rpm
SuSE 7.1
--------
rpm -Fvh ethereal-0.9.6-156.i386.rpm
SuSE 7.2
--------
rpm -Fvh ethereal-0.9.6-155.i386.rpm
SuSE 7.3
--------
rpm -Fvh ethereal-0.9.6-154.i386.rpm
SuSE 8.0
--------
rpm -Fvh ethereal-0.9.6-153.i386.rpm
SuSE 8.1
--------
rpm -Fvh ethereal-0.9.6-152.i586.rpm
Debian 3.0 (woody)
------------------
upgrade to ethereal_0.9.4-1woody3_i386.deb,
ethereal-common_0.9.4-1woody3_i386.deb,
ethereal-dev_0.9.4-1woody3_i386.deb,
tethereal_0.9.4-1woody3_i386.deb
Debian 2.2 (potato)
-------------------
not affected