Family: Debian Local Security Checks --> Category: infos
[DSA162] DSA-162-1 ethereal Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Ethereal developers discovered a buffer overflow in the ISIS protocol
dissector. It may be possible to make Ethereal crash or hang by
injecting a purposefully malformed packet onto the wire, or by
convincing someone to read a malformed packet trace file. It may be
possible to make Ethereal run arbitrary code by exploiting the buffer
and pointer problems.
This problem has been fixed in version 0.9.4-1woody2 for the current
stable distribution (woody), in version 0.8.0-4potato.1 for
the old stable distribution (potato) and in version 0.9.6-1 for the
unstable distribution (sid).
We recommend that you upgrade your ethereal packages.
Solution : http://www.debian.org/security/2002/dsa-162
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.