On Nov 20 Ethereal 8.14 was released. Redhat and Debian have 8.14 packages available, powertools 7.0 and the unstable tree in Debian. A notice was sent out on Freshmeat, the exploit was posted to Bugtraq, but there is nothing in suse-security-announce, on the security web page or in the SuSE 7.0 i386 updated packages directory on ftp.suse.com. Thank you Russell _http://www.ethereal.com/____________________________________________ _____ "An exploit for a buffer overrun in the AFS dissector was recently released on BugTraq. Ethereal 0.8.14 fixes this and other possibly-exploitable overruns. Also new in 0.8.14 are dissectors for WAP, SIP, AIM/OSCAR, 802.11, GIOP v1.2, and MGCP (plugin). Other dissectors were updated as well. Be sure to upgrade to 0.8.14 as soon as possible."