Ethereal fails to properly parse v9_template structures in NetFlow UDP packets with an overly large template_entry count. This could allow an attacker to execute arbitrary code.
Ethereal is a network traffic analysis package. It includes the ability to decode packets containing NetFlow data. There is a buffer overflow vulnerability in the way the NetFlow v9 dissector parses v9_template structures in a NetFlow UDP packet. A remote, unauthenticated attacker could exploit this vulnerability by sending a NetFlow UDP packet containing an overly large template_entry count which could allow for arbitrary code execution.
A remote, unauthenticated attacker could execute arbitrary code on the vulnerable system.
Upgrade to version 0.10.3 or later.
Ethereal credits Stefan Esser for reporting this vulnerability.
|Date First Published:||2004-03-24|
|Date Last Updated:||2004-03-25 16:50 UTC|