within the resolver code makes it possible to overwrite stack
variables by generating a malformed DNS packet. This problem makes
it possible to create a situation where a malicious user may be
able to execute code remotely with the UID and GID of the BitchX
client. It is necessary for an attacker to control their own DNS
to exploit this bug.
--
Besides the new dissectors (WAP, SIP, AIM/OSCAR, GIOP 1.2, 802.11)
and updates to many many dissectors, an exploit for a buffer overrun
in the AFS dissector has been patched. Please upgrade to 0.8.14 as soon
as possible to guard against this exploit, which was announced
this weekend in BugTraq.
- works around Bash bug
- dnscache-conf now wants dnsroots from /etc, instead of /usr/local/etc.
sigh.
Work around this by instructing user to copy dnsroots.global from
PREFIX/share/dnscache to /etc in pkg/MESSAGE.
connections on the chosen network interface and attempts to interpret
them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it
decodes the records and displays them in a textual form to stdout. If
provided with the appropriate keying material, it will also decrypt
the connections and display the application data traffic.
--
New dissectors include H.261, TPKT, and IGRP. RTP and RTCP were
re-written, and many other dissectors were updated and improved.
The wiretap library enables Ethereal to read Nokia-firewall tcpdump
files, Shomiti Surveyor 3.x files, pppd log files (pppdump format),
and NetXRay ATM files.
