Name: Multiple security problems in Ethereal 0.10.3

Docid: enpa-sa-00014

Date: March 22, 2004

Versions affected: 0.9.8 up to and including 0.10.3

Severity: High

Description:

Issues have been discovered in the following protocol dissectors:

• A SIP packet could make Ethereal crash under specific conditions, as described in the following message:
  http://www.ethereal.com/lists/ethereal-users/200405/msg00018.html
  (0.10.3).
• The AIM dissector could throw an assertion, causing Ethereal to terminate abnormally (0.10.3).
• It was possible for the SPNEGO dissector to dereference a null pointer, causing a crash (0.9.8 to 0.10.3).
• The MMSE dissector was susceptible to a buffer overflow. (0.10.1 to 0.10.3).

Impact:

It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire, by convincing someone to read a malformed packet trace file, or by creating a malformed color filter file.

Resolution:

Upgrade to 0.10.4.

If you are running a version prior to 0.10.4 and you cannot upgrade, you can disable all of the protocol dissectors listed above by selecting Analyze->Enabled Protocols... and deselecting them from the list. However, it is strongly recommended that you upgrade to 0.10.4.