10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
Timo Sirainen discovered several vulnerabilities in ethereal, a
network traffic analyzer. These include one-byte buffer overflows in
the AIM, GIOP Gryphon, OSPF, PPTP, Quake, Quake2, Quake3, Rsync, SMB,
SMPP, and TSP dissectors, and integer overflows in the Mount and PPP
dissectors.
For the stable distribution (woody) these problems have been fixed in
version 0.9.4-1woody4.
The old stable distribution (potato) does not appear to contain these
vulnerabilities.
For the unstable distribution (sid) these problems are fixed in version
0.9.12-1.
We recommend that you update your ethereal package.