Vulnerability Watch: Time to Upgrade Ethereal...

["Fergie" <fergdawg () netzero net>]

Thanks, Pedro!

Via the SANS ISC Daily Habndlers Diary.

[snip]

According an advisory posted by FrSIRT, 28 vulnerabilities has been identified in Ethereal "which could be exploited by 
remote attackers to compromise a vulnerable system or cause a denial of service."

Ethereal released a new versin to fix those, on its version 0.99, which you can find here.

Versions that were confirmed to be vulnerable are: Ethereal 0.8.5 through 0.10.14.

[snip]

Diary entry:
http://isc.sans.org/diary.php?storyid=1288

Ethereal 0.99:
http://sourceforge.net/project/showfiles.php?group_id=255

Since FrSIRT went to a paid-only subscriber basis, you can
find details of the vulnerabilities over at Secunia here:

 http://secunia.com/advisories/19769/

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.