Gerald Combs notified us of a number of flaws fixed in Ethereal 0.10.12, due out on 20050726 or 20050727.

The majority of these can cause Ethereal to crash or get stuck in a loop (impact=). However, there are two issues that could have a higher impact, but these will need investigation to determine the consequences:

The SMB dissector could overflow a buffer or exhaust system memory.
Versions affected: 0.9.0 to 0.10.11
Fixed in: 14501, 14515, 14526

Several dissectors were susceptible to a format string overflow.
Versions affected: 0.9.4 to 0.10.11
Fixed in: 14713

http://anonsvn.ethereal.com/viewcvs/viewcvs.py?rev=14713&view=rev
http://anonsvn.ethereal.com/viewcvs/viewcvs.py?rev=14501&view=rev
http://anonsvn.ethereal.com/viewcvs/viewcvs.py?rev=14515&view=rev
http://anonsvn.ethereal.com/viewcvs/viewcvs.py?rev=14526&view=rev

List of issues attached. Marking bug embargoed until Ethereal release.

Affects RHEL4, RHEL3, RHEL2.1
Created attachment 117144: Description of flaws
(crashes are impact=low, the two issues above are impact=moderate)
removing embargo
Fix is now applied in RHSA-2005:687.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-687.html