10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.045 Low
EPSS
Percentile
91.5%
Ethereal is a program for monitoring network traffic.
Several denial of service bugs were found in Ethereal’s protocol
dissectors. Ethereal could crash or stop responding if it reads a malformed
packet off the network. (CVE-2006-1932, CVE-2006-1933, CVE-2006-1937,
CVE-2006-1938, CVE-2006-1939, CVE-2006-1940)
Several buffer overflow bugs were found in Ethereal’s COPS, telnet, and
ALCAP dissectors as well as Network Instruments file code and
NetXray/Windows Sniffer file code. Ethereal could crash or execute
arbitrary code if it reads a malformed packet off the network.
(CVE-2006-1934, CVE-2006-1935, CVE-2006-1936)
Users of ethereal should upgrade to these updated packages containing
version 0.99.0, which is not vulnerable to these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ia64 | ethereal-gnome | < 0.99.0-EL4.2 | ethereal-gnome-0.99.0-EL4.2.ia64.rpm |
RedHat | any | ia64 | ethereal-gnome | < 0.99.0-EL3.2 | ethereal-gnome-0.99.0-EL3.2.ia64.rpm |
RedHat | any | s390 | ethereal-gnome | < 0.99.0-EL3.2 | ethereal-gnome-0.99.0-EL3.2.s390.rpm |
RedHat | any | s390 | ethereal-gnome | < 0.99.0-EL4.2 | ethereal-gnome-0.99.0-EL4.2.s390.rpm |
RedHat | any | i386 | ethereal-gnome | < 0.99.0-EL4.2 | ethereal-gnome-0.99.0-EL4.2.i386.rpm |
RedHat | any | x86_64 | ethereal | < 0.99.0-EL3.2 | ethereal-0.99.0-EL3.2.x86_64.rpm |
RedHat | any | i386 | ethereal | < 0.99.0-EL3.2 | ethereal-0.99.0-EL3.2.i386.rpm |
RedHat | any | s390x | ethereal | < 0.99.0-EL3.2 | ethereal-0.99.0-EL3.2.s390x.rpm |
RedHat | any | ia64 | ethereal-gnome | < 0.99.0-AS21.2 | ethereal-gnome-0.99.0-AS21.2.ia64.rpm |
RedHat | any | s390x | ethereal | < 0.99.0-EL4.2 | ethereal-0.99.0-EL4.2.s390x.rpm |