Ethereal: Critical Stack Overflow Advisory Detected in Protocol Analyzer

A code audit of the popular protocol analyser, Ethereal, has revealed several stack overflows which can be remotely triggered, according to a posting to the Full-Disclosure vulnerability mailing list. . . . A code audit of the popular protocol analyser, Ethereal, has revealed several stack overflows which can be remotely triggered, according to a posting to the Full-Disclosure vulnerability mailing list.

Stefan Esser of e-matters Security, who discovered the vulnerabilities, described them as critical, and said the developers of the open source package were expected to release an updated version soon.

Ethereal runs on all common platforms, including Unix, Linux and Windows.