MDKSA-2006:002

Package name

ethereal

Date

2006-01-03

Advisory ID

MDKSA-2006:002

Affected versions

2006.0 i586 , 2006.0 x86_64

Problem description

Three vulnerabilities were discovered in Ethereal 0.10.13:

The IRC and GTP dissectors could go into an infinite loop.

A buffer overflow was discovered by iDefense in the OSPF dissector.

Ethereal has been upgraded to 0.10.14 which does not suffer from these
problems.

Updated packages

2006.0 i586

 a055efb80c48c277b052ad733a7f8dc9  2006.0/RPMS/ethereal-0.10.14-0.1.20060mdk.i586.rpm
 acf8e4fc1f1c2d75002c8583474d4f01  2006.0/RPMS/ethereal-tools-0.10.14-0.1.20060mdk.i586.rpm
 499b8112338d62b7b2db6ad3f0869109  2006.0/RPMS/libethereal0-0.10.14-0.1.20060mdk.i586.rpm
 528f458848c122e2fd42fb3116643fea  2006.0/RPMS/tethereal-0.10.14-0.1.20060mdk.i586.rpm
 44c4e7789d3e6b33ec5c4cf077557fc1  2006.0/SRPMS/ethereal-0.10.14-0.1.20060mdk.src.rpm

2006.0 x86_64

 1a99f01c91cbf6dde19f41d1e3dd27eb  x86_64/2006.0/RPMS/ethereal-0.10.14-0.1.20060mdk.x86_64.rpm
 f628d006ff03fbd21deb47b0387a3388  x86_64/2006.0/RPMS/ethereal-tools-0.10.14-0.1.20060mdk.x86_64.rpm
 56cf815f56a5baa86820ed1d9e844066  x86_64/2006.0/RPMS/lib64ethereal0-0.10.14-0.1.20060mdk.x86_64.rpm
 1528803d727413623fd5b3f40414f7e1  x86_64/2006.0/RPMS/tethereal-0.10.14-0.1.20060mdk.x86_64.rpm
 44c4e7789d3e6b33ec5c4cf077557fc1  x86_64/2006.0/SRPMS/ethereal-0.10.14-0.1.20060mdk.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3651
• http://www.ethereal.com/appnotes/enpa-sa-00022.html