Bug 719086 - (CVE-2011-3369) VUL-0: CVE-2011-3369: etherape remote crash
VUL-0: CVE-2011-3369: etherape remote crash
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: General
Other Other
: P5 - None : Normal
: ---
Assigned To: Security Team bot
Security Team bot
Depends on:
  Show dependency treegraph
Reported: 2011-09-20 07:06 UTC by Ludwig Nussel
Modified: 2015-09-25 13:23 UTC (History)
2 users (show)

See Also:
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Ludwig Nussel 2011-09-20 07:06:30 UTC
Your friendly security team received the following report via oss-security.
Please respond ASAP.
The issue is public.

Date: Mon, 19 Sep 2011 16:53:05 +0200
From: Marcus Meissner <meissner@suse.de>
Subject: [oss-security] CVE Request? etherape remote crash (denial of service)


The authors of Etherape, a network traffic overview tool, fixed a remote
denial of service (NULL ptr dereference) fixed in etherape 0.9.12.


This tool is in the same area as wireshark, so this probably needs a CVE.

Ciao, Marcus
Comment 1 Ludwig Nussel 2011-09-22 13:08:15 UTC
Comment 2 Swamp Workflow Management 2011-10-21 15:23:49 UTC
The SWAMPID for this issue is 43811.
This issue was rated as moderate.
Please submit fixed packages until 2011-11-04.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.
Comment 3 Marcus Meissner 2011-10-21 15:51:17 UTC
all done
Comment 4 Swamp Workflow Management 2011-10-24 08:24:18 UTC
Update released for: etherape, etherape-debuginfo, etherape-debugsource
openSUSE 11.3 (debug, i586, x86_64)
openSUSE 11.4 (debug, i586, x86_64)
Comment 5 Sebastian Krahmer 2011-10-24 08:25:34 UTC