112225 – CAN-2003-1012/3 Ethereal security vulnerabilities

Bug 112225 - CAN-2003-1012/3 Ethereal security vulnerabilities

Summary: CAN-2003-1012/3 Ethereal security vulnerabilities

Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	ethereal
Sub Component:
Version:	1
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Phil Knirsch
QA Contact:
Docs Contact:
URL:	http://www.ethereal.com/appnotes/enpa...
Whiteboard:
Keywords:	Security
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2003-12-16 13:10 UTC by Mark J. Cox
Modified:	2015-03-05 01:13 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:
Doc Text:	(edit)
Clone Of:
Environment:	(edit)
Last Closed:	2003-12-18 16:39:43 UTC
Dependent Products:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Mark J. Cox 2003-12-16 13:10:08 UTC

Issues have been discovered in the following protocol dissectors:

    * Selecting "Match->Selected" or "Prepare->Selected" for a
malformed SMB packet could cause a segmentation fault.
    * It is possible for the Q.931 dissector to dereference a null
pointer when reading a malformed packet. 

Disclosed Dec12 (not Nov03 like the URL quotes). Ethereal 0.10.0
released with fixes.

        Affects: FC1

Comment 1 Mark J. Cox 2003-12-18 16:39:43 UTC

Fixed FEDORA-2003-040

Note You need to log in before you can comment on or make changes to this bug.