Ethereal BGP Dissector MPLS Label Overflow

2004-01-06T00:00:00
ID OSVDB:6893
Type osvdb
Reporter Stefan Esser(sesser@hardened-php.net)
Modified 2004-01-06T00:00:00

Description

Vulnerability Description

A remote overflow exists in Ethereal. The BGP Dissector fails to check the bounds of the IPv6 label resulting in a stack overflow. With a specially crafted request, an attacker can potentially execute arbitrary code resulting in a loss of integrity. Due to the stacklayout, exploitation would be extremely difficult.

Solution Description

Upgrade to version 0.10.1 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround: Disable the dissector

Short Description

A remote overflow exists in Ethereal. The BGP Dissector fails to check the bounds of the IPv6 label resulting in a stack overflow. With a specially crafted request, an attacker can potentially execute arbitrary code resulting in a loss of integrity. Due to the stacklayout, exploitation would be extremely difficult.

References:

Vendor URL: http://www.ethereal.com/ Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Secunia Advisory ID:11744 Related OSVDB ID: 6888 Related OSVDB ID: 4490 Related OSVDB ID: 6887 Related OSVDB ID: 6889 Related OSVDB ID: 6896 Related OSVDB ID: 6894 Related OSVDB ID: 6895 Related OSVDB ID: 6898 Related OSVDB ID: 6890 Related OSVDB ID: 6891 Related OSVDB ID: 6892 Related OSVDB ID: 6897 RedHat RHSA: RHSA-2004:136-09 RedHat RHSA: RHSA-2004:137-07 Other Advisory URL: http://security.e-matters.de/advisories/032004.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-03/0227.html ISS X-Force ID: 15569 CVE-2004-0176 CIAC Advisory: o-105 CERT VU: 119876