This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/
This update can be installed with Yum Update Agent; you can type 'yum update' command in the terminal.
This update can also be installed with the Red Hat Update Agent; you can launch the Red Hat Update Agent with the 'up2date' command in the terminal.
FN Site Search
FN Blog Login
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2003-040
2003-12-18
---------------------------------------------------------------------
Name : ethereal
Version : 0.10.0a
Release : 0.1
Summary : Network traffic analyzer
Description : Ethereal is a network traffic analyzer for Unix-ish
operating systems.
This package lays base for libpcap, a packet capture and filtering
library, contains command-line utilities, contains plugins and
documentation for ethereal. A graphical user interface is packaged
separately to GTK+ package.
---------------------------------------------------------------------
Update Information:
Serious issues have been discovered in the following protocol dissectors:
* Selecting "Match->Selected" or "Prepare->Selected" for a
malformed SMB packet could cause a segmentation fault.
* It is possible for the Q.931 dissector to dereference a null
pointer when reading a malformed packet.
Impact:
Both vulnerabilities will make the Ethereal application crash. The Q.931
vulnerability also affects Tethereal. It is not known if either
vulnerability can be used to make Ethereal or Tethereal run arbitrary code.
Resolution:
Upgrade to 0.10.0.
If you are running a version prior to 0.10.0 and you cannot upgrade, you
can disable the SMB and Q.931 protocol dissectors by selecting
Edit->Protocols... and deselecting them from the list.
---------------------------------------------------------------------