Vulnerability Note VU#542540

Ethereal DCE RPC dissector vulnerable to DoS

Overview

A vulnerability in Ethereal may allow a remote attacker to cause a denial of service.

I. Description

The Ethereal web site describes Ethereal as "a free network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, viewing summary and detail information for each packet. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session."

Ethereal includes the ability to examine packets containing DCE RPC data (DCE RPC is "a facility for calling a procedure on a remote machine as if it were a local procedure call"). The vulnerability exists in the way Ethereal's DCE RPC dissector allocates memory. For more information, please see Ethereal's announcement.

II. Impact

A remote attacker may be able to consume excessive amounts of memory, and potentially crash Ethereal.

III. Solution

Upgrade to Ethereal version 0.9.13.

Systems Affected

Vendor	Status	Date Notified	Date Updated
Ethereal	Vulnerable	12-Jun-2003

References

http://rsusu1.rnd.runnet.ru/alpha/progtool/dce31unx/overview/Dceint63.htm
http://www.ethereal.com/appnotes/enpa-sa-00010.html
http://www.secunia.com/advisories/9007/
http://www.ethereal.com/

Credit

The CERT/CC thanks Ethereal for publishing enpa-sa-00010, upon which this document is based.

This document was written by Ian A Finlay.

Other Information

Date Public:	2003-06-11
Date First Published:	2003-06-12
Date Last Updated:	2003-06-12
CERT Advisory:
CVE-ID(s):
NVD-ID(s):
US-CERT Technical Alerts:
Metric:	7.50
Document Revision:	5

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Get Adobe Reader