Home page logo
/

bugtraq logo Bugtraq mailing list archives

[CLSA-2000:342] Conectiva Linux Security Announcement - ethereal
From: secure () CONECTIVA COM BR
Date: Thu, 23 Nov 2000 14:28:05 -0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -----------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- -----------------------------------------------------------------------

PACKAGE   : ethereal
SUMMARY   : Buffer overflow allows remote exploit
DATE      : 2000-11-23 14:27:00
ID        : CLSA-2000:342
RELEVANT
RELEASES  : 5.0, 5.1

- ----------------------------------------------------------------------

DESCRIPTION
 Ethereal has some buffer overflows in some protocol decoders (mainly
 in AFS, but Netbios, ntp, icq, ppp and resolver also have possible
 buffer overflow problems). An attacker could send crafted packets to
 a network that is being monitored by ethereal to exploit these
 overflows.
 Version 0.8.14 fixes these problems.


SOLUTION
 All ethereal users should upgrade immediately.


DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/ethereal-0.8.14-1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/ethereal-0.8.14-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/ethereal-0.8.14-1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/ethereal-0.8.14-1cl.i386.rpm


- ----------------------------------------------------------------------
All packages are signed with Conectiva's GPG key. The key can be
obtained at http://www.conectiva.com.br/contato

- -----------------------------------------------------------------------
All our advisories and generic update instructions can be viewed at
http://www.conectiva.com.br/suporte/atualizacoes

- ----------------------------------------------------------------------
subscribe: atualizacoes-anuncio-subscribe () papaleguas conectiva com br
unsubscribe: atualizacoes-anuncio-unsubscribe () papaleguas conectiva com br
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE6HUWU42jd0JmAcZARAr38AJ48xl1mwehKxsjmhuiLSZw7pnhNQACgg8cg
O1ex+hMg4N8/TPXEL7Tl4AE=
=ffzE
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
  • [CLSA-2000:342] Conectiva Linux Security Announcement - ethereal secure (Nov 24)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault