Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 45964

Summary: Ethereal(v0.10.0-0.10.2) IGAP Dissector Message Overflow Exploit
Product: Gentoo Security Reporter: Tobias Weisserth <tobias>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE    
Severity: critical    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://seclists.org/lists/fulldisclosure/2004/Mar/1365.html
Whiteboard:
Package list:
Runtime testing required: ---

Description Tobias Weisserth 2004-03-28 02:55:16 UTC 
See the URL for very detailed information and exploit. I tried to add this as an attachment to bug 45543 but there seems to be a problem with Bugzilla accepting attachments.

I guess ethereal 0.10.0 to 0.10.2 should be masked in Portage ASAP since the full-disclosure mail already contains a real world exploit.

regards,
Tobias

Reproducible: Always
Steps to Reproduce:
Comment 1 Kurt Lieber (RETIRED) gentoo-dev 2004-03-28 03:52:30 UTC 
the IGAP overflow was one of the 13 discovered in the earlier ethereal vuln. report (see 45543 for details)  Is this vuln. somehow different?  AFAICS, they're the same (fixed by the same version, etc.)

Inlcined to close as a dupe.  Please clarify if this should not be the case.
Comment 2 Rajiv Aaron Manglani (RETIRED) gentoo-dev 2004-03-28 13:30:18 UTC 
this is fixed in ethereal 0.10.3.

http://seclists.org/lists/fulldisclosure/2004/Mar/1377.html
http://seclists.org/lists/fulldisclosure/2004/Mar/1386.html


*** This bug has been marked as a duplicate of 45543 ***