Ethereal: Multiple security problems
Gentoo Linux Security Advisory
||GLSA 200406-01 / Ethereal
||June 04, 2004
||May 22, 2006: 02
All supported architectures
Multiple vulnerabilities including one buffer overflow exist in Ethereal,
which may allow an attacker to run arbitrary code or crash the program.
Ethereal is a feature rich network protocol analyzer.
There are multiple vulnerabilities in versions of Ethereal earlier than
- A buffer overflow in the MMSE dissector.
- Under specific conditions a SIP packet could make Ethereal
- The AIM dissector could throw an assertion, causing Ethereal to
- The SPNEGO dissector could dereference a null pointer, causing a
An attacker could use these vulnerabilities to crash Ethereal or even
execute arbitrary code with the permissions of the user running
Ethereal, which could be the root user.
For a temporary workaround you can disable all affected protocol
dissectors by selecting Analyze->Enabled Protocols... and deselecting
them from the list. However, it is strongly recommended to upgrade to
the latest stable release.
All Ethereal users should upgrade to the latest stable version:
Code Listing 3.1: Resolution
# emerge sync
# emerge -pv ">=net-analyzer/ethereal-0.10.4"
# emerge ">=net-analyzer/ethereal-0.10.4"