From Bugzilla Helper: User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20050729 Netscape/8.0.3.3 Description of problem: 05.30.19 CVE: CAN-2005-1460 Platform: Cross Platform Title: Ethereal Multiple Protocol Dissector Vulnerabilities Description: Ethereal is a multi-platform network protocol sniffer and analyzer. Vulnerabilities in the various protocol dissectors have been disclosed by the vendor. The SMB dissector is susceptible to an unspecified buffer overflow due to improper bounds checking of user-supplied data. Ref: http://www.ethereal.com/appnotes/enpa-sa-00020.html (5) MODERATE: Ethereal Multiple Protocol Decoder Vulnerabilities Affected: Ethereal versions prior to 0.10.12 Description: Ethereal is a popular open source network sniffer and protocol analyzer for Unix and Windows platforms. The software contains format string or buffer overflow vulnerabilities in parsing multiple network protocols. These flaws can be exploited to execute arbitrary code with the privileges of the ethereal process (typically "root" when ethereal is being used as a sniffer). To exploit these flaws, an attacker has to either inject the malicious packets into the network traffic being sniffed by ethereal, or entice a client to open a specially crafted packet capture file. The technical details can be obtained by examining the fixed code. Note that any network applications based on ethereal protocol decoder modules may also be affected. Status: Vendor confirmed. Upgrade to version 0.10.12. In addition, this update fixes the zlib buffer overflow vulnerability discussed in a previous @RISK newsletter. References: Ethereal Advisory http://www.ethereal.com/news/item_20050726_01.html Previous @RISK Newsletter Posting (zlib Flaw) http://www.sans.org/newsletters/risk/display.php?v=4&i=28#widely6 SecurityFocus BID http://www.securityfocus.com/bid/14399 Version-Release number of selected component (if applicable): How reproducible: Didn't try Additional info:
Maybe mark as a dup of 152922?
Doing so.. *** This bug has been marked as a duplicate of 152922 ***