Your message dated Fri, 8 Sep 2006 21:37:14 +0200
with message-id <[EMAIL PROTECTED]>
and subject line "ethereal" is now wireshark, fixed
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: ethereal
Version: 0.10.10-2sarge4
Severity: grave
Tags: security
Justification: dos attack
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- From <http://www.wireshark.org/security/wnpa-sec-2006-02.html>:
If the SSCOP dissector has a port range configured and the SSCOP payload
protocol is Q.2931, a malformed packet could make the Q.2931 dissector use
up available memory. No port range is configured by default.
Versions affected: 0.7.9 - 0.99.2. CVE: CVE-2006-4333
The other vulnerabilities listen on that page do not apply to the
version of Ethereal in Sarge.
- -- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (530, 'testing'), (520, 'unstable'), (510, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-2-k7
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFE7hmhshl/216gEHgRAsZpAJ0aznD9P/pC9dQvQUm91tfJzgiEEgCgkDeh
pM3EifITi+hr/85YhkM0mZU=
=PpHk
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
Version: 0.99.2-5.1
This was fixed in the wireshark-package now, and ethereal is provided by
wireshark, so closing this bug report.
--
http://home.arcor.de/andreas-barth/
--- End Message ---
