MDKSA-2004:024 - Updated ethereal packages fix multiple vulnerabilities
Posted on: 03/31/2004 04:46 AM
Updated ethereal packages are available for Mandrakelinux 9.1 and 9.2
Mandrakelinux Security Update Advisory
Package name: ethereal
Advisory ID: MDKSA-2004:024
Date: March 30th, 2004
Affected versions: 9.1, 9.2
A number of serious issues have been discovered in versions of Ethereal prior to 0.10.2. Stefan Esser discovered thirteen buffer overflows in the NetFlow, IGAP, EIGRP, PGM, IrDA, BGP, ISUP, and TCAP dissectors. Jonathan Heusser discovered that a carefully-crafted RADIUS packet could cause Ethereal to crash. It was also found that a zero-length Presentation protocol selector could make Ethereal crash. Finally, a corrupt color filter file could cause a segmentation fault. It is possible, through the exploitation of some of these vulnerabilities, to cause Ethereal to crash or run arbitrary code by injecting a malicious, malformed packet onto the wire, by convincing someone to read a malformed packet trace file, or by creating a malformed color filter file.
The updated packages bring Ethereal to version 0.10.3 which is not vulnerable to these issues.
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
A list of FTP mirrors can be obtained from:
All packages are signed by Mandrakesoft for security. You can obtain the GPG public key of the Mandrakelinux Security Team by executing:
gpg --recv-keys --keyserver www.mandrakesecure.net 0x22458A98
Please be aware that sometimes it takes the mirrors a few hours to update.