Vulnerability Note VU#641013

Ethereal contains multiple one-byte buffer overflows in several dissectors

Original Release date: 12 May 2003 | Last revised: 19 Aug 2004

Overview

Ethereal is a network traffic analysis package. Several packet dissectors contain a vulnerability that may cause a denial-of-service situation.

Description

Several packet dissectors for Ethereal contain a one-byte buffer overflow vulnerability. According to the Ethereal Advisory, tvb_get_nstringz() and tvb_get_nstringz0() were used in an unsafe manner.

Versions 0.9.11 and earlier of dissectors for AIM, GIOP Gryphon, OSPF, PPTP, Quake, Quake2, Quake3, Rsync, SMB, SMPP, and TSP are affected.

Impact

It may be possible for a remote attacker to crash the program or run arbitrary code on the system via a crafted packet.

Solution

Upgrade to version 0.9.12 which resolves this issue.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
EtherealAffected-12 May 2003
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

Thanks to Timo Sirainen for reporting this vulnerability.

This document was written by Jason A Rafail and is based upon information in the Ethereal Advisory.

Other Information

  • CVE IDs: Unknown
  • Date Public: 01 May 2003
  • Date First Published: 12 May 2003
  • Date Last Updated: 19 Aug 2004
  • Severity Metric: 5.99
  • Document Revision: 13

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.