Upgrade ethereal please. . .

Shimon shimen at gmail.com
Tue Mar 15 06:22:35 CST 2005 

struct target_t target_list[] =
{
    {1,  "Slackware 10.1      - ethereal 0.10.9 from source",   0x0812d110},
    {2,  "Slackware 10.1      - tethereal 0.10.9 from source",  0x081f30d0},
    {3,  "Fedora Core 3       - ethereal  0.10.9 from rpm",     0x08117a80},
    {4,  "Fedora Core 3       - tethereal 0.10.9 from rpm",     0x08690ac0},
    {4,  "Gentoo 2004.3       - tethereal 0.10.9 from portage", 0x081c3d90},
    {-1, NULL, -1}
};

It doesn't target ubuntu or debian but the hole is still there.


On Tue, 15 Mar 2005 23:16:04 +1100, Shimon <shimen at gmail.com> wrote:
> Never thought I will see this day a secuirty tool allowing remote access....
> 
> Best to remove it from the reps before the release if its not fixed in time?
> 
> And I just told ##linux a few days I am using ethereal.
> 
> I'll say it again i never thought i'll see this day...... LOL
> 
> 
> On Mon, 14 Mar 2005 22:52:03 -0500, John Richard Moser
> <nigelenki at comcast.net> wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Matt Zimmerman wrote:
> > > On Mon, Mar 14, 2005 at 10:19:53PM -0500, John Richard Moser wrote:
> > >
> > >
> > >>Ethereal <0.10.10 has a serious security bug.  This bug is detailed.
> > >>
> > >>
> > >>http://www.securityfocus.com/archive/1/393190?ref=rss
> > >>
> > >>As you can see, this is a remote root.  While this is a Universe
> > >>package, it is a common *security tool* and thus it would be in all of
> > >
> > >
> > > It's a surprisingly common security tool with a particularly horrific
> > > security history.  Don't worry; even if we upgrade to the new version, it
> > > still has remote root vulnerabilities in it.
> >
> > lol :)
> >
> > Well whatever.  Like I said, politics will control this one. . .
> >
> > >
> >
> > - --
> > All content of all messages exchanged herein are left in the
> > Public Domain, unless otherwise explicitly stated.
> >
> >     Creative brains are a valuable, limited resource. They shouldn't be
> >     wasted on re-inventing the wheel when there are so many fascinating
> >     new problems waiting out there.
> >                                                  -- Eric Steven Raymond
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.2.5 (GNU/Linux)
> > Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
> >
> > iD8DBQFCNlvjhDd4aOud5P8RAqlBAJ9xQs/x8XcxDJ74FjuR5jF85gKKUACfWxnL
> > 5RLFj0GR4IQDaZml3cUCBMM=
> > =WsW+
> > -----END PGP SIGNATURE-----
> >
> > --
> > ubuntu-devel mailing list
> > ubuntu-devel at lists.ubuntu.com
> > http://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
> >
> 
> --
> From the desk of shimon.
> 


-- 
>From the desk of shimon.

More information about the ubuntu-devel mailing list