Gentoo: 200306-13 Critical: Ethereal Arbitrary Code Execution Threat
gentoo
June 27, 2003
It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire, or by convincing someone to read a malformed packet trac...
Summary
GENTOO LINUX SECURITY ANNOUNCEMENT 200306-13
from advisory: "It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire, or by convincing someone to read a malformed packet trace file."
Read the full advisory at
SOLUTION
It is recommended that all Gentoo Linux users who are running net-analyzer/ethereal upgrade to ethereal as follows
emerge sync emerge ethereal emerge clean
aliz@gentoo.org - GnuPG key is available at
Topics Covered
Resolution
References
Availability
style>.gentoo_availability{display:block;}
Concerns
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
PACKAGE : ethereal
SUMMARY : arbitrary code execution
DATE : 2003-06-25 22:36 UTC
EXPLOIT : remote
VERSIONS AFFECTED : =ethereal-0.9.13
CVE : CAN-2003-0432
Topics Covered
Background
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Affected Packages
Impact
Workaround
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!