etherealSecurity update for etherealSecurity update for etherealVarious problems have been fixed in the network analyzer
Ethereal, most leading to crashes of the ethereal program.
CVE-2006-5740: A unspecified vulnerability in the LDAP
dissector could be used to crash Ethereal.
CVE-2006-4574: A single \0 byte heap overflow was fixed in
the MIME multipart dissector. Potential of exploitability
is unknown, but considered low.
CVE-2006-4805: A denial of service problem in the XOT
dissector can cause it to take up huge amount of memory and
crash ethereal.
CVE-2006-5469: The WBXML dissector could be used to crash
ethereal.
CVE-2006-5468: A NULL pointer dereference in the HTTP
dissector could crash ethereal.
Various problems have been fixed in the network analyzer
Ethereal, most leading to crashes of the ethereal program.
CVE-2006-5740: A unspecified vulnerability in the LDAP
dissector could be used to crash Ethereal.
CVE-2006-4574: A single \0 byte heap overflow was fixed in
the MIME multipart dissector. Potential of exploitability
is unknown, but considered low.
CVE-2006-4805: A denial of service problem in the XOT
dissector can cause it to take up huge amount of memory and
crash ethereal.
CVE-2006-5469: The WBXML dissector could be used to crash
ethereal.
CVE-2006-5468: A NULL pointer dereference in the HTTP
dissector could crash ethereal.
securityethereali586c29270fe47c16ffd86bfb1170a09168a6c6dd1c0