Ethereal: Multiple security problems

Ethereal: Multiple security problems Multiple vulnerabilities including one buffer overflow exist in Ethereal, which may allow an attacker to run arbitrary code or crash the program. Ethereal 2004-06-04 2006-05-22 51022 remote 0.10.4 0.10.3

Ethereal is a feature rich network protocol analyzer.

There are multiple vulnerabilities in versions of Ethereal earlier than 0.10.4, including:

A buffer overflow in the MMSE dissector.
Under specific conditions a SIP packet could make Ethereal crash.
The AIM dissector could throw an assertion, causing Ethereal to crash.
The SPNEGO dissector could dereference a null pointer, causing a crash.

An attacker could use these vulnerabilities to crash Ethereal or even execute arbitrary code with the permissions of the user running Ethereal, which could be the root user.

For a temporary workaround you can disable all affected protocol dissectors by selecting Analyze->Enabled Protocols... and deselecting them from the list. However, it is strongly recommended to upgrade to the latest stable release.

All Ethereal users should upgrade to the latest stable version:


    # emerge sync
    
    # emerge -pv ">=net-analyzer/ethereal-0.10.4"
    # emerge ">=net-analyzer/ethereal-0.10.4"

Ethereal enpa-sa-00014 CVE-2004-0504 CVE-2004-0505 CVE-2004-0506 CVE-2004-0507 jaervosz