---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2003-040
2003-12-18
---------------------------------------------------------------------

Name        : ethereal
Version     : 0.10.0a
Release     : 0.1
Summary     : Network traffic analyzer
Description : Ethereal is a network traffic analyzer for Unix-ish operating systems.

This package lays base for libpcap, a packet capture and filtering
library, contains command-line utilities, contains plugins and
documentation for ethereal. A graphical user interface is packaged
separately to GTK+ package.

---------------------------------------------------------------------
Update Information:

 Serious issues have been discovered in the following protocol dissectors:

    * Selecting "Match->Selected" or "Prepare->Selected" for a malformed SMB packet could cause a segmentation fault.
    * It is possible for the Q.931 dissector to dereference a null pointer when reading a malformed packet.

Impact:

Both vulnerabilities will make the Ethereal application crash. The Q.931 vulnerability also affects Tethereal. It is not known if either vulnerability can be used to make Ethereal or Tethereal run arbitrary code.

Resolution:

Upgrade to 0.10.0.

If you are running a version prior to 0.10.0 and you cannot upgrade, you can disable the SMB and Q.931 protocol dissectors by selecting Edit->Protocols... and deselecting them from the list.
---------------------------------------------------------------------
* Wed Dec 17 2003 Phil Knirsch <pknirsch@redhat.com> 0.10.0a-0.1

- Update to latest upstream version 0.10.0a
- Fixed plugins problem.


---------------------------------------------------------------------
This update can be downloaded from:
    

5ac28be19cc9b3113b6c339aed1c5f33  SRPMS/ethereal-0.10.0a-0.1.src.rpm
5e295a50ac358b0edd4828d39da04a9e  i386/ethereal-0.10.0a-0.1.i386.rpm
8b0add410bf1e84f44f1e93c91a29596  i386/ethereal-gnome-0.10.0a-0.1.i386.rpm
0cf3428ab5d3ec2fdf8b415d79b5d9db i386/debug/ethereal-debuginfo-0.10.0a-0.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

-- 
Philipp Knirsch      | Tel.:  +49-711-96437-470
Development          | Fax.:  +49-711-96437-111
Red Hat GmbH         | Email: Phil Knirsch <phil@redhat.de>
Hauptstaetterstr. 58 | Web:    Red Hat DACH-Region
D-70178 Stuttgart
Motd:  You're only jealous cos the little penguins are talking to me.


-- 
fedora-announce-list mailing list
fedora-announce-list@redhat.com 
fedora-announce-list Info Page
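
A way to check downloaded packages against the MD5 list above, as an added example that is not part of the original advisory. `advisory_manifest` and `verify_manifest` are hypothetical helper names; the script assumes GNU `md5sum` and that the files sit under the download directory at the relative paths the advisory lists. It parses the list itself so that one or two separating spaces are both accepted, and it tolerates packages you did not download.

```shell
#!/bin/sh
# Added example: verify downloaded packages against FEDORA-2003-040's MD5 list.
# Usage: advisory_manifest | verify_manifest /path/to/download/dir

# Checksums exactly as printed in the advisory (paths relative to download dir).
advisory_manifest() {
cat <<'EOF'
5ac28be19cc9b3113b6c339aed1c5f33  SRPMS/ethereal-0.10.0a-0.1.src.rpm
5e295a50ac358b0edd4828d39da04a9e  i386/ethereal-0.10.0a-0.1.i386.rpm
8b0add410bf1e84f44f1e93c91a29596  i386/ethereal-gnome-0.10.0a-0.1.i386.rpm
0cf3428ab5d3ec2fdf8b415d79b5d9db i386/debug/ethereal-debuginfo-0.10.0a-0.1.i386.rpm
EOF
}

# verify_manifest DIR: reads "md5 path" lines on stdin and prints one status
# line per entry. Returns 0 only if no present file mismatches AND at least
# one listed file was actually found and verified.
verify_manifest() {
    dir=$1; ok=0; bad=0
    while read -r want path; do
        [ -n "$want" ] || continue              # skip blank lines
        case $want in \#*) continue ;; esac     # skip comment lines
        path=${path#\*}                         # drop md5sum's binary marker
        file="$dir/$path"
        if [ ! -f "$file" ]; then
            echo "MISSING  $path"               # not downloaded: report only
            continue
        fi
        got=$(md5sum < "$file" | cut -d' ' -f1)
        if [ "$got" = "$want" ]; then
            echo "OK       $path"; ok=$((ok + 1))
        else
            echo "MISMATCH $path (got $got)"; bad=$((bad + 1))
        fi
    done
    [ "$bad" -eq 0 ] && [ "$ok" -gt 0 ]
}
```

An MD5 match shows the file is the one the advisory describes but MD5 is not collision-resistant; `rpm --checksig` on the package checks its signature as well.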

Fedora: ethereal Multiple malformed packet vulnerabilities

December 19, 2003