Re: Ethereal Security Vuln

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Interestingly enough, there was an ethereal errata released today, which
apparently addresses many of the issues you originally brought up.
https://rhn.redhat.com/errata/RHSA-2003-203.html

--Jeremy


On Wed, 2003-07-02 at 10:10, vincent wrote:
> On Wed, 02 Jul 2003 09:11:11 -0400
> Jeremy Portzer <jeremyp@xxxxxxxxx> said:
> 
> > There was an errata for tcpdump (which is used by ethereal)
> > https://rhn.redhat.com/errata/RHSA-2003-174.html
> 
> AFIK tcpdump is not used by ethereal, they share a pcap library
> that is about it. Try running ethereal then using top and lsof to find
> any references to tcpdump. I could not find any. And it also runs as
> root.
> [~]# /usr/sbin/lsof |grep -i pcap
> ethereal  3513 root  mem    REG       3,66   113904     52487
> /usr/lib/libpcap.so.0.6.2
>  
> > With that errata, tcpdump runs as 'pcap' instead of as root by default. 
> > Does this make those possible problems less dangerous perhaps?
> > 
> > I agree it looks like they should release an ethereal errata, but Q.A.
> > takes time.  Usually vendors are notified several weeks in advance of
> > announcing security vulnerabilities so they have time to develop and
> > Q.A. patches.  Do you know if Red Hat was notified in advance of the
> > announcement?
> > 
> > --Jeremy
> > 
> > On Wed, 2003-07-02 at 08:21, vincent wrote:
> > > last month on June 11th there were a ton of security problems in ethereal
> > > why has redhat not updated? last update I can find is April 23rd. for
> > > something else:
> > > http://ftp.redhat.com/pub/redhat/linux/updates/9/en/os/SRPMS/
> > > 
> > > The announcement can be found here.
> > > http://www.ethereal.com/appnotes/enpa-sa-00010.html
> > > 
> > > If we're vuln this should have been updated promptly.
> > -- 
> > /=====================================================================\
> > | Jeremy Portzer       jeremyp@xxxxxxxxx       trilug.org/~jeremy     |
> > | GPG Fingerprint: 712D 77C7 AB2D 2130 989F  E135 6F9F F7BC CC1A 7B92 |
> > \=====================================================================/
> > 
-- 
/=====================================================================\
| Jeremy Portzer       jeremyp@xxxxxxxxx       trilug.org/~jeremy     |
| GPG Fingerprint: 712D 77C7 AB2D 2130 989F  E135 6F9F F7BC CC1A 7B92 |
\=====================================================================/

Attachment: signature.asc
Description: This is a digitally signed message part

[Index of Archives]     [Fedora Users]     [Centos Users]     [Kernel Development]     [Red Hat Install]     [Red Hat Watch]     [Red Hat Development]     [Red Hat Phoebe Beta]     [Yosemite Forum]     [Fedora Discussion]     [Gimp]     [Stuff]     [Yosemite News]

  Powered by Linux