On Nov 20 Ethereal 8.14 was released. Redhat and Debian have 8.14 packages available, powertools 7.0 and the unstable tree in Debian. A notice was sent out on Freshmeat, the exploit was posted to Bugtraq, but there is nothing in suse-security-announce, on the security web page or in the SuSE 7.0 i386 updated packages directory on ftp.suse.com. Thank you Russell _http://www.ethereal.com/____________________________________________ _____ "An exploit for a buffer overrun in the AFS dissector was recently released on BugTraq. Ethereal 0.8.14 fixes this and other possibly-exploitable overruns. Also new in 0.8.14 are dissectors for WAP, SIP, AIM/OSCAR, 802.11, GIOP v1.2, and MGCP (plugin). Other dissectors were updated as well. Be sure to upgrade to 0.8.14 as soon as possible."
On Nov 20 Ethereal 8.14 was released. Redhat and Debian have 8.14 packages available, powertools 7.0 and the unstable tree in Debian. A notice was sent out on Freshmeat, the exploit was posted to Bugtraq, but there is nothing in suse-security-announce, on the security web page or in the SuSE 7.0 i386 updated packages directory on ftp.suse.com.
Thank you Russell
Hi Russell,
the bugs are the same as the ones in tcpdump a few days ago. It's
libpcap's fault. :-(
Needless to say that not always the latest version of a package is the
best, but we'll provide updates, too. It just needs some more time...
Thanks,
Roman.
--
- -
| Roman Drahtmüller
participants (2)
-
revans@e-z.net
-
Roman Drahtmueller