Vulnerability Note VU#644886
Ethereal fails to properly parse NetFlow UDP packets with an overly large template_entry count
Ethereal fails to properly parse v9_template structures in NetFlow UDP packets with an overly large template_entry count. This could allow an attacker to execute arbitrary code.
Ethereal is a network traffic analysis package. It includes the ability to decode packets containing NetFlow data. There is a buffer overflow vulnerability in the way the NetFlow v9 dissector parses v9_template structures in a NetFlow UDP packet. A remote, unauthenticated attacker could exploit this vulnerability by sending a NetFlow UDP packet containing an overly large template_entry count which could allow for arbitrary code execution.
A remote, unauthenticated attacker could execute arbitrary code on the vulnerable system.
Upgrade to version 0.10.3 or later.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Ethereal||Affected||-||24 Mar 2004|
CVSS Metrics (Learn More)
Ethereal credits Stefan Esser for reporting this vulnerability.
This document was written by Damon Morda.
- CVE IDs: CAN-2004-0176
- Date Public: 22 Mar 2004
- Date First Published: 24 Mar 2004
- Date Last Updated: 25 Mar 2004
- Severity Metric: 9.82
- Document Revision: 25
If you have feedback, comments, or additional information about this vulnerability, please send us email.