Ethereal MMSE Dissector Static Memory Freeing

2005-01-20T03:08:36
ID OSVDB:13112
Type osvdb
Reporter OSVDB
Modified 2005-01-20T03:08:36

Description

Vulnerability Description

Ethereal contains a flaw related to the MMSE dissector that may allow an attacker to cause a denial of service by freeing statically-allocated memory. No further details have been provided.

Solution Description

Upgrade to version 0.10.9 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Ethereal contains a flaw related to the MMSE dissector that may allow an attacker to cause a denial of service by freeing statically-allocated memory. No further details have been provided.

References:

Vendor Specific News/Changelog Entry: http://www.ethereal.com/news/item_20050120_01.html Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Security Tracker: 1012962 Secunia Advisory ID:13955 Secunia Advisory ID:14259 Secunia Advisory ID:14759 Secunia Advisory ID:13946 Secunia Advisory ID:13954 Other Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20050202-01-U.asc ISS X-Force ID: 19003 CVE-2005-0010 CIAC Advisory: p-106