Ethereal IGAP Protocol Dissector Message Overflow

2003-12-10T00:00:00
ID OSVDB:6888
Type osvdb
Reporter Stefan Esser (sesser@hardened-php.net)
Modified 2003-12-10T00:00:00

Description

Vulnerability Description

A remote overflow exists in Ethereal. The IGAP protocol dissector fails to check the bounds of the "message" variable, resulting in a stack overflow. With a specially crafted request, an attacker can potentially execute arbitrary code, resulting in a loss of integrity.

Solution Description

Upgrade to version 0.10.0 or higher, as it has been reported to fix this vulnerability. It is also possible to work around the flaw by disabling the IGAP dissector.

References:

Vendor URL: http://www.ethereal.com/
Vendor Specific Advisory URL
Secunia Advisory ID: 11744
Related OSVDB IDs: 6893, 4490, 6887, 6889, 6896, 6894, 6895, 6898, 6890, 6891, 6892, 6897
RedHat RHSA: RHSA-2004:136-09
RedHat RHSA: RHSA-2004:137-07
Other Advisory URL: http://security.e-matters.de/advisories/032004.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-03/0227.html
ISS X-Force ID: 15569
CVE-2004-0176