Gentoo Logo

Wireshark: Multiple vulnerabilities

Content:

1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference GLSA 200607-09 / wireshark ethereal
Release Date July 25, 2006
Latest Revision July 25, 2006: 01
Impact high
Exploitable remote
Package Vulnerable versions Unaffected versions Architecture(s)
net-analyzer/wireshark < 0.99.2 >= 0.99.2 All supported architectures
net-analyzer/ethereal <= 0.99.0-r1 All supported architectures

Related bugreports: #140856

Synopsis

Wireshark (formerly known as Ethereal) is vulnerable to several security issues, potentially allowing the execution of arbitrary code by a remote attacker.

2.  Impact Information

Background

Wireshark, formerly known as Ethereal, is a popular network protocol analyzer.

Description

Wireshark dissectors have been found vulnerable to a large number of exploits, including off-by-one errors, buffer overflows, format string overflows and an infinite loop.

Impact

Running an affected version of Wireshark or Ethereal could allow for a remote attacker to execute arbitrary code on the user's computer by sending specially crafted packets.

3.  Resolution Information

Workaround

There is no known workaround at this time.

Resolution

All Wireshark users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-0.99.2"

All Ethereal users should migrate to Wireshark:

Code Listing 3.2: Resolution

# emerge --sync
# emerge --ask --unmerge net-analyzer/ethereal
# emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-0.99.2"

To keep the [saved] configuration from Ethereal and reuse it with Wireshark:

Code Listing 3.3: Resolution

# mv ~/.ethereal ~/.wireshark

4.  References



Print

Page updated July 25, 2006

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Donate to support our development efforts.

Copyright 2001-2014 Gentoo Foundation, Inc. Questions, Comments? Contact us.