This script is Copyright (C) 2005-2015 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200507-27
(Ethereal: Multiple vulnerabilities)
There are numerous vulnerabilities in versions of Ethereal prior
to 0.10.12, including:
The SMB dissector could overflow a
buffer or exhaust memory (CAN-2005-2365).
that several dissectors are vulnerable to format string overflows
Additionally multiple potential crashes in
many dissectors have been fixed, see References for further
An attacker might be able to use these vulnerabilities to crash
Ethereal or execute arbitrary code with the permissions of the user
running Ethereal, which could be the root user.
There is no known workaround at this time.
See also :
All Ethereal users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=net-analyzer/ethereal-0.10.12'
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : true