SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |    Help    |   

SecurityTracker
Archives


Welcome to SecurityTracker!
 
Click to Sign Up
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com
Sign Up!





Category:  Application (Generic)  >  Ethereal Vendors:  Ethereal.com
Ethereal SIP, AIM, SPNEGO, and MMSE Dissector Flaws Allow Remote Users to Crash Ethereal or Execute Arbitrary Code
SecurityTracker Alert ID:  1010158
SecurityTracker URL:  http://securitytracker.com/id?1010158
CVE Reference:  CAN-2004-0504 ,  CAN-2004-0505 ,  CAN-2004-0506 ,  CAN-2004-0507   (Links to External Site)
Updated:  Jun 5 2004
Original Entry Date:  May 14 2004
Impact:  Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available:  Yes   Vendor Confirmed:  Yes  
Version(s): 0.9.8 up to and including 0.10.3
Description:  Several vulnerabilities were reported in Ethereal, affecting the SIP, AIM, SPNEGO, and MMSE dissectors. A remote user can cause denial of service conditions or execute arbitrary code on the target system.

The vendor reported that several protocol dissectors contain flaws that may allow a remote user to cause Ethereal to crash or to execute arbitrary code.

It is reported that a remote user can send a SIP packet that will, under certain conditions, cause Ethereal to crash [CVE: CAN-2004-0504]. Only version 0.10.3 is affected, the report said. Details on the conditions required to trigger the flaw are provided at:

http://www.ethereal.com/lists/ethereal-users/200405/msg00018.html

It is also reported that a remote user can cause the AIM dissector to throw an assertion and cause Ethereal to crash [CVE: CAN-2004-0505]. Only version 0.10.3 is affected, the report said.

It is also reported that a remote user can trigger a null pointer dereference in the SPNEGO dissector and cause Ethereal to crash [CVE: CAN-2004-0506].

It is also reported that there is a buffer overflow in the MMSE dissector [CVE: CAN-2004-0507]. Versions 0.10.1 to 0.10.3 are affected. A remote user can cause arbitrary code to be executed by the Ethereal process.

These flaws can be triggered by a remote user sending malformed traffic through a network that is monitored by Ethereal, via a malformed packet trace file, or via a malformed color filter file.
Impact:  A remote user can cause Ethereal to crash. A remote user can cause Ethereal to execute arbitrary code with the privileges of the Ethereal process.
Solution:  The vendor has issued a fixed version (0.10.4), available at:

http://www.ethereal.com/download.html

For users of versions prior to 0.10.4 that cannot upgrade, the report indicates that you can disable all of the protocol dissectors listed above by selecting Analyze->Enabled Protocols... and deselecting them from the list.
Vendor URL:  www.ethereal.com/appnotes/enpa-sa-00014.html (Links to External Site)
Cause:  Boundary error, Input validation error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jun 3 2004 (Fedora Issues Fix for FC1) Ethereal SIP, AIM, SPNEGO, and MMSE Dissector Flaws Allow Remote Users to Crash Ethereal or Execute Arbitrary Code   (Phil Knirsch <pknirsch@redhat.com>)
Fedora has released a fix for FC1.
Jun 3 2004 (Fedora Issues Fix for FC2) Ethereal SIP, AIM, SPNEGO, and MMSE Dissector Flaws Allow Remote Users to Crash Ethereal or Execute Arbitrary Code   (Phil Knirsch <pknirsch@redhat.com>)
Fedora has released a fix for FC2.
Jun 5 2004 (Gentoo Issues Fix) Ethereal SIP, AIM, SPNEGO, and MMSE Dissector Flaws Allow Remote Users to Crash Ethereal or Execute Arbitrary Code   (Thierry Carrez <koon@gentoo.org>)
Gentoo has released a fix.
Jun 9 2004 (Red Hat Issues Fix for RH Enterprise Linux) Ethereal SIP, AIM, SPNEGO, and MMSE Dissector Flaws Allow Remote Users to Crash Ethereal or Execute Arbitrary Code   (bugzilla@redhat.com)
Red Hat has released a fix for Red Hat Enterprise Linux 2.1 and 3.
Oct 1 2004 (Fedora Issues Fix for RH Linux) Ethereal SIP, AIM, SPNEGO, and MMSE Dissector Flaws Allow Remote Users to Crash Ethereal or Execute Arbitrary Code   (Marc Deslauriers <marcdeslauriers@videotron.ca>)
Fedora has issued a fix for Red Hat Linux 7.3 and 9.
Jan 14 2005 (Conectiva Issues Fix) Ethereal SIP, AIM, SPNEGO, and MMSE Dissector Flaws Allow Remote Users to Crash Ethereal or Execute Arbitrary Code   (Conectiva Updates <secure@conectiva.com.br>)
Conectiva has released a fix.


 Source Message Contents

 

[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us   |    Help

Copyright 2004, SecurityGlobal.net LLC