Ethereal fails to properly handle malformed color filter files, which could allow an attacker to cause a segmentation fault.
Ethereal is a network traffic analysis package. It provides a feature that allows a user to customize the foreground and background colors of packet information that is displayed. There is a vulnerability in the way Ethereal handles color filter files. A local attacker could exploit this vulnerability by creating a malformed color filter.
A local attacker could cause a segmentation fault in Ethereal, leading to a denial of service.
Upgrade to version 0.10.3 or later.
This vulnerability was reported by the developers of Ethereal.
This document was written by Damon Morda.
|Date First Published:||2004-03-24|
|Date Last Updated:||2004-04-05 20:45 UTC|