MDKSA-2003:067

Package name

ethereal

Date

2003-06-16

Advisory ID

MDKSA-2003:067

Affected versions

9.1 i586 , 9.1 i586

Problem description

Several vulnerabilities in ethereal were discovered by Timo Sirainen. Integer overflows were found in the Mount and PPP dissectors, as well as one-byte buffer overflows in the AIM, GIOP Gryphon, OSPF, PPTP, Quake, Quake2, Quake3, Rsync, SMB, SMPP, and TSP dissectors. These vulnerabilties were corrected in ethereal 0.9.12.

Updated packages

9.1 i586

 87bf6388f0299a419726362742499be7  ppc/9.1/RPMS/ethereal-0.9.12-1.2mdk.ppc.rpm
5873c050db02b2bf0f914299553d059b  ppc/9.1/SRPMS/ethereal-0.9.12-1.2mdk.src.rpm

9.1 i586

 d039c495347d612fce4685ee3bec4d87  9.1/RPMS/ethereal-0.9.12-1.2mdk.i586.rpm
5873c050db02b2bf0f914299553d059b  9.1/SRPMS/ethereal-0.9.12-1.2mdk.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0356
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0357
• http://www.ethereal.com/appnotes/enpa-sa-00009.html