Gentoo Security Advisory GLSA 200412-15 (Ethereal) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200412-15.

Solution

All ethereal users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-analyzer/ethereal-0.10.8' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200412-15 http://bugs.gentoo.org/show_bug.cgi?id=74443 http://www.ethereal.com/appnotes/enpa-sa-00016.html

Insight

Multiple vulnerabilities exist in Ethereal, which may allow an attacker to run arbitrary code, crash the program or perform DoS by CPU and disk utilization.

Severity

Classification

CVE CVE-2004-1139, CVE-2004-1140, CVE-2004-1141, CVE-2004-1142
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Gentoo Security Advisory GLSA 200405-04 (openoffice)
Gentoo Security Advisory GLSA 200404-10 ()
Gentoo Security Advisory GLSA 200405-03 (ClamAV)
Gentoo Security Advisory GLSA 200412-26 (ViewCVS)
Gentoo Security Advisory GLSA 200411-36 (phpmyadmin)

Take action and discover your vulnerabilities