Ethereal: security problems in ethereal 0.9.15 — GLSA 200311-05

Ethereal is vulnerable to heap and buffer overflows in the GTP, ISAKMP, MEGACO, and SOCKS protocol dissectors.

Affected packages

Package 	net-analyzer/ethereal on all architectures
Affected versions 	< 0.9.16
Unaffected versions 	>= 0.9.16

Background

Ethereal is a popular network protocol analyzer.

Description

Ethereal contains buffer overflow vulnerabilities in the GTP, ISAKMP, and MEGACO protocol dissectors, and a heap overflow vulnerability in the SOCKS protocol dissector, which could cause Ethereal to crash or to execute arbitrary code.

Impact

A remote attacker could craft a malformed packet which would cause Ethereal to crash or run arbitrary code with the permissions of the user running Ethereal.

Workaround

There is no known workaround at this time, other than to disable the GTP, ISAKMP, MEGACO, and SOCKS protocol dissectors.

Resolution

It is recommended that all Gentoo Linux users who are running net-analyzer/ethereal 0.9.x upgrade:

 # emerge sync
 # emerge -pv '>=net-analyzer/ethereal-0.9.16'
 # emerge '>=net-analyzer/ethereal-0.9.16'
 # emerge clean

References

    Ethereal Security Advisory