Hello! I learned from a collegue that the sniffer Ethereal shall have a security hole. Does anybody know about this? Thank you for your answer in advance. -- Freundliche Grüße kind regards Ingo
On Sat, Dec 21, 2002 at 11:35:13AM +0100, Ingo Doerrie wrote:
I learned from a collegue that the sniffer Ethereal shall have a security hole. Does anybody know about this?
Yes, there are buffer overflows that may allow carefully crafted network
packets (on the wire or inside a capture file) to take over the Ethereal
process. For details please see:
http://www.ethereal.com/appnotes/
The SuSE 8.1 rpm of Ethereal has the same vulnerabilites as the original
source.
Ciao
Jörg
--
Joerg Mayer
participants (2)
-
Ingo Doerrie
-
Joerg Mayer