LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for February 9, 2012

XBMC 11 "Eden"

LWN.net Weekly Edition for February 2, 2012

A tempest in a toybox

LWN.net Weekly Edition for January 26, 2012

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Ethereal buffer overflow, infinite loop and memory management vulnerabilities

Package(s):ethereal CVE #(s):CAN-2002-0012 CAN-2002-0013 CAN-2002-0353 CAN-2002-0401 CAN-2002-0402 CAN-2002-0403 CAN-2002-0404
Created:June 12, 2002 Updated:October 27, 2002
Description: Ethereal 0.9.4 was released on May 19, 2002 fixing four potential security issues in Ethereal 0.9.3:
  • The SMB dissector could potentially dereference a NULL pointer in two cases.
  • The X11 dissector could potentially overflow a buffer while parsing keysyms.
  • The DNS dissector could go into an infinite loop while reading a malformed packet.
  • The GIOP dissector could potentially allocate large amounts of memory.

No known exploits exist "in the wild" at the present time for any of these issues.

Ethereal 0.9.2 has several packet handling vulnerabilities that are best avoided by upgrading to 0.9.4. The PROTOS test suite found some flaws in SNMP and LDAP protocols support. Malformed packets could also crash ethereal 0.9.2 due to a ASN.1 zero-length g_malloc problem. The zlib "double free" vulnerability was addressed by the updates for that bug from many distributors.
Alerts:
SCO Group CSSA-2002-037.0 2002-10-24
Conectiva CLA-2002:505 2002-07-04
Yellow Dog YDU-20020606-7 2002-06-06
Red Hat RHSA-2002:088-06 2002-06-04
Eridani ERISA-2002:023 2002-06-06
(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds