Unhealthy Sniffing

Simon Doring writes "Stefan Esser did it again. Yesterday he reported 13 remote root vulnerabilities in Ethereal. Time to teach all those sniffing kiddies an unhealthy lesson. The next LAN party will be a lot of fun."

Not the worst thing in the world

[Old+Uncle+Bill]

Yeah, I don't like remote root exploits any more than the next guy, but are there a lot of people who run this 24/7? For the one hour a week I run this tool, I'm not AS concerned as if it was my OS with those vulnerabilities *cough*Windows*cough*.

Privilege separation

There is no reason the Ethereal GUI or protocol analysis code needs to run as root. It should drop privileges as soon as it begins sniffing.

This is very unfortunate

[n1ywb]

Ethereal is a valuable network diagnostic tool. It has saved my ass a couple of times, and it has been helpful many times. I was the only person in my Networks class in college that was able to do my assignments from my room, everybody else had to go to the lab to use the commercial sniffer.

On the other hand, 13 vulnerabilities isn't too terrible and hopefully they'll get them patched up straight away. I'm sure that your average commercial packet sniffer probably is probably just as bad or worse, and those bugs aren't getting fixed.

Re:This is very unfortunate

[Phillup]

It would be unfortunate if it was a closed source application and the company had no desire to fix the problems.

That isn't the case.

This is just another step in making the product even better than it already is...

Congrats to Ethereal team for quick resolution

[Paladine97]

You've got to hand it to the ethereal team for their quick fixes.

The bottom of the advisory states that they were made aware on the 5th of March, and by the 23rd of March all the holes were fixed.