Advisories:rPSA-2006-0158
From rPath Wiki
rPath Security Advisory 2006-0158-1
Published: 2006-08-25
Products
- rPath Linux 1
Rating
- Severe
Exposure Level Classification
- Remote Root Non-deterministic Vulnerability
Updated Versions
- tshark=conary.rpath.com@rpl:1/0.99.3a-0.1-1
- wireshark=conary.rpath.com@rpl:1/0.99.3a-0.1-1
rPath Issue Tracking System
References
Description
- All versions of the ethereal and tethereal packages, as well as all previous versions of the wireshark and tshark packages, will crash and possibly execute remotely-provided code when presented with certain malformed packets. Because wireshark and tshark are often run as the root user, this may allow complete access to the vulnerable system.
- The fixes are available only as part of the wireshark package. Development of the ethereal program has ceased under the ethereal name and continued under the wireshark name, due to restrictions on the use of the "ethereal" trademark. The latest versions of the ethereal and tethereal packages in rPath Linux 1 are now redirects to the wireshark and tshark packages. The command "conary update ethereal tethereal" will cause the ethereal and tethereal packages on the system to be replaced by wireshark and tshark, respectively. The "conary updateall" command will also appropriately migrate the system from ethereal to wireshark.
- The fix for this vulnerability is available in the latest version of the wireshark and tshark packages. rPath strongly recommends that you update to the wireshark and/or tshark packages, and that you not use the affected ethereal and tethereal packages, particularly on untrusted networks or with untrusted trace files.
- Note that the vulnerabilities described in CVE-2006-4331 and CVE-2006-4332, which are also resolved in this version of the wireshark source code, do not apply to rPath Linux.
Copyright 2006 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html
