Issues have been discovered in the following protocol dissectors:
* The iSNS dissector could make Ethereal abort in some cases. (0.10.3 - 0.10.4)
* SMB SID snooping could crash if there was no policy name for a handle. (0.9.15 - 0.10.4)
* The SNMP dissector could crash due to a malformed or missing community string. (0.8.15 - 0.10.4)
It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
netmon: please bump ethereal to 0.10.5.
Target keywords based on previous vulnerable ebuilds: "alpha amd64 ia64 ppc sparc x86"
0.10.5, in portage now, I've marked x86 stable.
Arches: please mark stable
stable on amd64
Stable on ppc.
Stable on sparc.
Supported arches are stable, this is ready for a GLSA.
GLSA drafted : security please review
Stable on alpha as well.