(RHSA-2006:0602) wireshark security update (was ethereal)

2006-08-16T04:00:00
ID RHSA-2006:0602
Type redhat
Reporter RedHat
Modified 2018-05-11T23:26:48

Description

Ethereal is a program for monitoring network traffic.

In May 2006, Ethereal changed its name to Wireshark. This update deprecates the Ethereal packages in Red Hat Enterprise Linux 2.1, 3, and 4 in favor of the supported Wireshark packages.

Several denial of service bugs were found in Ethereal's protocol dissectors. It was possible for Ethereal to crash or stop responding if it read a malformed packet off the network. (CVE-2006-3627, CVE-2006-3629, CVE-2006-3631)

Several buffer overflow bugs were found in Ethereal's ANSI MAP, NCP NMAS, and NDPStelnet dissectors. It was possible for Ethereal to crash or execute arbitrary code if it read a malformed packet off the network. (CVE-2006-3630, CVE-2006-3632)

Several format string bugs were found in Ethereal's Checkpoint FW-1, MQ, XML, and NTP dissectors. It was possible for Ethereal to crash or execute arbitrary code if it read a malformed packet off the network. (CVE-2006-3628)

Users of Ethereal should upgrade to these updated packages containing Wireshark version 0.99.2, which is not vulnerable to these issues