Debian Security Advisory

ethereal -- remote exploit

Date Reported:

21 Nov 2000

Affected Packages:

ethereal

Vulnerable:

Yes

Security database references:

No other external database security references currently available.

More information:

hacksware reported a buffer overflow in the AFS packet parsing code in ethereal. Gerald Combs then found more overflows in the netbios and ntp decoding logic as well. An attacker can exploit those overflows by sending carefully crafted packets to a network that is being monitored by ethereal. This has been fixed in version 0.8.0-2potato and we recommend you upgrade your ethereal package immediately.

Fixed in:

Debian 2.2 (potato)

Source:: http://security.debian.org/dists/stable/updates/main/source/ethereal_0.8.0-2potato.diff.gz; http://security.debian.org/dists/stable/updates/main/source/ethereal_0.8.0-2potato.dsc; http://security.debian.org/dists/stable/updates/main/source/ethereal_0.8.0.orig.tar.gz
alpha:: http://security.debian.org/dists/stable/updates/main/binary-alpha/ethereal_0.8.0-2potato_alpha.deb
arm:: http://security.debian.org/dists/stable/updates/main/binary-arm/ethereal_0.8.0-2potato_arm.deb
i386:: http://security.debian.org/dists/stable/updates/main/binary-i386/ethereal_0.8.0-2potato_i386.deb
m68k:: http://security.debian.org/dists/stable/updates/main/binary-m68k/ethereal_0.8.0-2potato_m68k.deb
powerpc:: http://security.debian.org/dists/stable/updates/main/binary-powerpc/ethereal_0.8.0-2potato_powerpc.deb
sparc:: http://security.debian.org/dists/stable/updates/main/binary-sparc/ethereal_0.8.0-2potato_sparc.deb