Red Hat Bugzilla – Bug 124536
Ethereal 0.10.4 contains security fixes
Last modified: 2015-03-04 20:14:02 EST
FC1 last shipped with ethereal 0.10.0a-0.1 therefore it is vulnerable to:
* It was possible for the SPNEGO dissector to dereference a null
pointer, causing a crash (0.9.8 to 0.10.3).
* Stefan Esser discovered thirteen buffer overflows in the
following protocol dissectors: NetFlow, IGAP, EIGRP, PGM, IrDA, BGP,
ISUP, and TCAP. (CAN-2004-0176)
* Jonathan Heussser discovered that a carefully-crafted RADIUS
packet could cause a crash. (CAN-2004-0365)
(the other issues in these advisories didn't apply to version 0.10.0a)
*** This bug has been marked as a duplicate of 124535 ***
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.