Several remote vulnerabilities have been discovered in the Ethereal network scanner. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-4574 It was discovered that the MIME multipart dissector is vulnerable to denial of service caused by an off-by-one overflow. CVE-2006-4805 It was discovered that the XOT dissector is vulnerable to denial of service caused by memory corruption. For the stable distribution (sarge) these problems have been fixed in version 0.10.10-2sarge9. Due to technical problems with the security buildd infrastructure this update lacks builds for the hppa and sparc architecture. They will be released as soon as the problems are resolved. For the unstable distribution (sid) these problems will be fixed soon. We recommend that you upgrade your ethereal packages.
Several remote vulnerabilities have been discovered in the Ethereal network scanner. The Common Vulnerabilities and Exposures project identifies the following problems:
It was discovered that the MIME multipart dissector is vulnerable to denial of service caused by an off-by-one overflow.
It was discovered that the XOT dissector is vulnerable to denial of service caused by memory corruption.
For the stable distribution (sarge) these problems have been fixed in version 0.10.10-2sarge9. Due to technical problems with the security buildd infrastructure this update lacks builds for the hppa and sparc architecture. They will be released as soon as the problems are resolved.
For the unstable distribution (sid) these problems will be fixed soon.
We recommend that you upgrade your ethereal packages.
MD5 checksums of the listed files are available in the original advisory.
Vulmon