aru Posted April 25, 2003 Report Share Posted April 25, 2003 MandrakeSoft Security Advisory MDKSA-2003:051 : ethereal April 24th, 2003 Updated ethereal packages fix remote vulnerability A vulnerability was discovered in Ethereal 0.9.9 and earlier that allows a remote attacker to use specially crafted SOCKS packets to cause a denial of service (DoS) and possibly execute arbitrary code. A similar vulnerability also exists in the NTLMSSP code in Ethereal 0.9.9 and earlier, due to a heap-based buffer overflow. The released versions of Mandrake GNU/Linux affected are: 9.1 [*] 9.1/PPC Full information about this advisory, including the updated packages, is available at: www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:051 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?n...e=CAN-2003-0081 http://cve.mitre.org/cgi-bin/cvename.cgi?n...e=CAN-2003-0159 http://www.ethereal.com/appnotes/enpa-sa-00008.html Posted automatically by aru (mdksec2mub v0.0.5) Link to comment Share on other sites More sharing options...
Recommended Posts