Wireshark NDPS Dissector Unspecified Off-by-one

2006-07-17T10:03:49
ID OSVDB:27368
Type osvdb
Reporter Ilja van Sprundel()
Modified 2006-07-17T10:03:49

Description

Vulnerability Description

A remote overflow exists in the Wireshark NDPS dissector. The application fails to properly iterate over a buffer resulting in a off-by-one overflow. With a specially crafted packet, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Solution Description

Upgrade to version 0.99.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

A remote overflow exists in the Wireshark NDPS dissector. The application fails to properly iterate over a buffer resulting in a off-by-one overflow. With a specially crafted packet, an attacker can cause arbitrary code execution resulting in a loss of integrity.

References:

Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Secunia Advisory ID:21078 Secunia Advisory ID:21121 Secunia Advisory ID:21598 Secunia Advisory ID:21107 Secunia Advisory ID:21204 Secunia Advisory ID:21249 Secunia Advisory ID:21488 Secunia Advisory ID:21467 Secunia Advisory ID:22089 Related OSVDB ID: 27361 Related OSVDB ID: 27362 Related OSVDB ID: 27364 Related OSVDB ID: 27369 Related OSVDB ID: 27360 Related OSVDB ID: 27363 Related OSVDB ID: 27366 Related OSVDB ID: 27367 Related OSVDB ID: 27371 Related OSVDB ID: 27370 Related OSVDB ID: 27365 RedHat RHSA: RHSA-2006:0602 Other Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:128 Keyword: formerly ethereal Keyword: wnpa-sec-2006-01 ISS X-Force ID: 27827 FrSIRT Advisory: ADV-2006-2850 CVE-2006-3630 Bugtraq ID: 19051