*Name:* Multiple problems in Ethereal versions 0.9.0 to 0.10.7 *Docid:* enpa-sa-00016 *Date:* December 15, 2004 *Versions affected:* 0.9.0 up to and including 0.10.7 *Severity:* *High* Details *Description:* Issues have been discovered in the following protocol dissectors: * Matthew Bing discovered a bug in DICOM dissection that could make Ethereal crash. Versions affected: 0.10.4 - 0.10.7 CVE: CAN-2004-1139 * An invalid RTP timestamp could make Ethereal hang and create a large temporary file, possibly filling available disk space. Versions affected: 0.9.16 - 0.10.7 CVE: CAN-2004-1140 * The HTTP dissector could access previously-freed memory, causing a crash. Versions affected: 0.10.1 - 0.10.7 CVE: CAN-2004-1141 * Brian Caswell discovered that an improperly formatted SMB packet could make Ethereal hang, maximizing CPU utilization. Versions affected: 0.9.0 - 0.10.7 CVE: CAN-2004-1142 *Impact:* It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace file. *Resolution:* Upgrade to 0.10.8. If you are running a version prior to 0.10.8 and you cannot upgrade, you can disable the HTTP, DICOM, and SMB protocol dissectors by selecting /Analyze->Enabled Protocols.../ and deselecting them from the list. However, it is strongly recommended that you upgrade to 0.10.8. Please send support questions about Ethereal to the ethereal-users[AT]ethereal.com mailing list. For corrections/additions/suggestions for this web page (and *not* Ethereal support questions), please send email to ethereal-web[AT]ethereal.com . Last modified: Wed, December 15 2004.