Ethereal is a program for monitoring network traffic.
A number of security issues affect Ethereal. By exploiting these issues,
it may be possible to make Ethereal crash or run arbitrary code by
injecting a purposefully-malformed packet onto the wire or by convincing
someone to read a malformed packet trace file.
A buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers
to cause a denial of service and possibly execute arbitrary code via a
malformed GTP MSISDN string. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CAN-2003-0925 to
this issue.
Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of
service (crash) via certain malformed ISAKMP or MEGACO packets. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2003-0926 to this issue.
A heap-based buffer overflow in Ethereal 0.9.15 and earlier allows
remote attackers to cause a denial of service (crash) and possibly
execute arbitrary code via the SOCKS dissector. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0927
to this issue.
Users of Ethereal should update to these erratum packages containing
Ethereal version 0.9.16, which is not vulnerable to these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | i386 | ethereal | < 0.9.16-0.30E.1 | ethereal-0.9.16-0.30E.1.i386.rpm |
RedHat | any | i386 | ethereal | < 0.9.16-0.AS21.1 | ethereal-0.9.16-0.AS21.1.i386.rpm |
RedHat | any | ia64 | ethereal-gnome | < 0.9.16-0.30E.1 | ethereal-gnome-0.9.16-0.30E.1.ia64.rpm |
RedHat | any | s390 | ethereal-gnome | < 0.9.16-0.30E.1 | ethereal-gnome-0.9.16-0.30E.1.s390.rpm |
RedHat | any | i386 | ethereal-gnome | < 0.9.16-0.30E.1 | ethereal-gnome-0.9.16-0.30E.1.i386.rpm |
RedHat | any | s390x | ethereal | < 0.9.16-0.30E.1 | ethereal-0.9.16-0.30E.1.s390x.rpm |
RedHat | any | ia64 | ethereal | < 0.9.16-0.30E.1 | ethereal-0.9.16-0.30E.1.ia64.rpm |
RedHat | any | x86_64 | ethereal-gnome | < 0.9.16-0.30E.1 | ethereal-gnome-0.9.16-0.30E.1.x86_64.rpm |
RedHat | any | ppc64 | ethereal | < 0.9.16-0.30E.1 | ethereal-0.9.16-0.30E.1.ppc64.rpm |
RedHat | any | x86_64 | ethereal | < 0.9.16-0.30E.1 | ethereal-0.9.16-0.30E.1.x86_64.rpm |