Ethereal sFlow Dissector Null Pointer Dereference DoS

2005-10-19T05:49:32
ID OSVDB:20130
Type osvdb
Reporter OSVDB
Modified 2005-10-19T05:49:32

Description

Vulnerability Description

Ethereal contains a flaw related to the sFlow dissector that could dereference a null pointer, which may allow a remote attacker to crash the application. No further details have been provided.

Solution Description

Upgrade to version 0.10.13 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Ethereal contains a flaw related to the sFlow dissector that could dereference a null pointer, which may allow a remote attacker to crash the application. No further details have been provided.

References:

Vendor URL: http://www.ethereal.com/ Vendor Specific Advisory URL Security Tracker: 1015082 Secunia Advisory ID:17757 Secunia Advisory ID:17254 Secunia Advisory ID:17327 Secunia Advisory ID:17392 Secunia Advisory ID:21813 Secunia Advisory ID:17286 Secunia Advisory ID:17377 Secunia Advisory ID:17480 Related OSVDB ID: 20123 Related OSVDB ID: 20126 Related OSVDB ID: 20134 Related OSVDB ID: 20137 Related OSVDB ID: 20121 Related OSVDB ID: 20132 Related OSVDB ID: 20133 Related OSVDB ID: 20136 Related OSVDB ID: 20122 Related OSVDB ID: 20125 Related OSVDB ID: 20128 Related OSVDB ID: 20129 Related OSVDB ID: 20131 Related OSVDB ID: 20124 Related OSVDB ID: 20127 Related OSVDB ID: 20135 RedHat RHSA: RHSA-2005:809 Other Advisory URL: http://www.ethereal.com/appnotes/enpa-sa-00021.html Other Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200510-25.xml Other Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20051101-01-U.asc Other Advisory URL: http://www.us.debian.org/security/2006/dsa-1171 Other Advisory URL: http://lists.suse.com/archive/suse-security-announce/2005-Nov/0001.html Keyword: enpa-sa-00021 CVE-2005-3246 Bugtraq ID: 15148