10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.045 Low
EPSS
Percentile
92.3%
Ethereal is a feature-rich network protocol analyzer.
Coverity discovered numerous vulnerabilities in versions of Ethereal prior to 0.99.0, including:
For further details please consult the references below.
An attacker might be able to exploit these vulnerabilities to crash Ethereal or execute arbitrary code with the permissions of the user running Ethereal, which could be the root user.
There is no known workaround at this time.
All Ethereal users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/ethereal-0.99.0"
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Gentoo | any | all | net-analyzer/ethereal | < 0.99.0 | UNKNOWN |