Ethereal

Sniffing the glue that holds the Internet together
Search:  options

[   Application Notes    |   Summary    |   Details    |   Home   ]

 
SUMMARY
Name: Security problems in Ethereal 0.9.15

Docid: enpa-sa-00011

Date: November 3, 2003

Severity: High

DETAILS
Description:

Potential security issues have been discovered in the following protocol dissectors:

  • An improperly formatted GTP MSISDN string could cause a buffer overflow.
  • A malformed ISAKMP or MEGACO packet could make Ethereal or Tethereal crash.
  • The SOCKS dissector was susceptible to a heap overlfow.

Impact:

It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire, or by convincing someone to read a malformed packet trace file.

Resolution:

Upgrade to 0.9.16.

If you are running a version prior to 0.9.16 and you cannot upgrade, you can disable the GTP, ISAKMP, MEGACO, and SOCKS protocol dissectors by selecting Edit->Protocols... and deselecting them from the list.

 

Support can be found on the ethereal-users[AT]ethereal.com mailing list.
For corrections/additions/suggestions for this page, please send email to: ethereal-web[AT]ethereal.com
Last modified: Sun, November 02 2003.