Wireshark (Ethereal) Bugs in SCSI, DHCP, and Q.2931 Dissectors Let Remote Users Execute Arbitrary Code or Deny Service - SecurityTracker

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Application (Generic) > Wireshark

Vendors: Wireshark.org

Wireshark (Ethereal) Bugs in SCSI, DHCP, and Q.2931 Dissectors Let Remote Users Execute Arbitrary Code or Deny Service

SecurityTracker Alert ID: 1016736

SecurityTracker URL: http://securitytracker.com/id/1016736

CVE Reference: CVE-2006-4330, CVE-2006-4331, CVE-2006-4332, CVE-2006-4333 (Links to External Site)

Updated: Sep 12 2006

Original Entry Date: Aug 23 2006

Impact: Denial of service via network, Execution of arbitrary code via network, User access via network

Fix Available: Yes Vendor Confirmed: Yes

Version(s): 0.7.9 - 0.99.2

Description: A vulnerability was reported in Wireshark (Ethereal). A remote user can execute arbitrary code on the target system. A remote user can cause denial of service conditions.

If Wireshark was compiled with IPSec ESP decryption support, a remote user can send specially crafted data to trigger an off-by-one error in the IPSec ESP preference parser. Only version 0.99.2 is affected.

A remote user can send specially crafted data to cause the SCSI dissector to crash. Only version 0.99.2 is affected.

A remote user can send specially crafted DHCP data to trigger a flaw in Glib on Windows-based systems and cause the DHCP dissector to crash. Other dissectors may also be affected. Versions 0.10.13 - 0.99.2 are vulnerable.

If the SSCOP dissector has a port range configured (which is not the default configuration) and the SSCOP payload protocol is Q.2931, a remote user can send a specially crafted packet to cause the Q.2931 dissector to consume all available memory. Versions 0.7.9 - 0.99.2 are affected.

These vulnerabilities can also be triggered by a specially crafted packet trace file.

Impact: A remote user can execute arbitrary code on the target system.

A remote user can cause denial of service conditions.

Solution: The vendor has issued a fixed version (0.99.3).

The Wireshark advisory is available at:

http://www.wireshark.org/security/wnpa-sec-2006-02.html

Vendor URL: www.wireshark.org/security/wnpa-sec-2006-02.html (Links to External Site)

Cause: Boundary error, Resource error

Underlying OS: Linux (Any), UNIX (Any), Windows (Any)

Message History: This archive entry has one or more follow-up message(s) listed below.

(Red Hat Issues Fix) Wireshark (Ethereal) Bugs in SCSI, DHCP, and Q.2931 Dissectors Let Remote Users Execute Arbitrary Code or Deny Service (bugzilla@redhat.com)
Red Hat has released a fix for Red Hat Enterprise Linux 2.1, 3, and 4.

Source Message Contents

Date: Wed, 23 Aug 2006 11:51:13 -0400
Subject: Multiple problems in Wireshark (Ethereal ) versions 0.7.9 to 0.99.2


http://www.wireshark.org/security/wnpa-sec-2006-02.html

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2013, SecurityGlobal.net LLC