Bugtraq mailing list archives
[CLSA-2000:342] Conectiva Linux Security Announcement - ethereal
From: secure () CONECTIVA COM BR
Date: Thu, 23 Nov 2000 14:28:05 -0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----------------------------------------------------------------------- CONECTIVA LINUX SECURITY ANNOUNCEMENT - ----------------------------------------------------------------------- PACKAGE : ethereal SUMMARY : Buffer overflow allows remote exploit DATE : 2000-11-23 14:27:00 ID : CLSA-2000:342 RELEVANT RELEASES : 5.0, 5.1 - ---------------------------------------------------------------------- DESCRIPTION Ethereal has some buffer overflows in some protocol decoders (mainly in AFS, but Netbios, ntp, icq, ppp and resolver also have possible buffer overflow problems). An attacker could send crafted packets to a network that is being monitored by ethereal to exploit these overflows. Version 0.8.14 fixes these problems. SOLUTION All ethereal users should upgrade immediately. DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/ethereal-0.8.14-1cl.src.rpm ftp://atualizacoes.conectiva.com.br/5.0/i386/ethereal-0.8.14-1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/ethereal-0.8.14-1cl.src.rpm ftp://atualizacoes.conectiva.com.br/5.1/i386/ethereal-0.8.14-1cl.i386.rpm - ---------------------------------------------------------------------- All packages are signed with Conectiva's GPG key. The key can be obtained at http://www.conectiva.com.br/contato - ----------------------------------------------------------------------- All our advisories and generic update instructions can be viewed at http://www.conectiva.com.br/suporte/atualizacoes - ---------------------------------------------------------------------- subscribe: atualizacoes-anuncio-subscribe () papaleguas conectiva com br unsubscribe: atualizacoes-anuncio-unsubscribe () papaleguas conectiva com br -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6HUWU42jd0JmAcZARAr38AJ48xl1mwehKxsjmhuiLSZw7pnhNQACgg8cg O1ex+hMg4N8/TPXEL7Tl4AE= =ffzE -----END PGP SIGNATURE-----
Current thread:
- [CLSA-2000:342] Conectiva Linux Security Announcement - ethereal secure (Nov 24)