GEN:SID 1:2464
Message EXPLOIT EIGRP prefix length overflow attempt
Summary This event is generated when an attempt is made to exploit a buffer overflow
associated with the Ethereal decode of the Enhanced Interior Gateway Routing Protocol
(EIGRP).
Impact A successful attack may allow the execution of arbitrary code as root or
LOCAL_SYSTEM privilege on a vulnerable host.
Detailed Information There is a vulnerability associated with particular versions of Ethereal that
may cause a buffer overflow when a malformed EIGRP packet is decoded.  This
may permit the execution of arbitrary code with root or LOCAL_SYSTEM privilege.
The buffer overflow occurs when a larger than expected packet length value is
discovered in the EIGRP payload.
Affected Systems Any host running Ethereal versions 0.8.14 through 0.10.2.
Attack Scenarios An attacker can create and send a malformed EIGRP packet, and if decoded by
a vulnerable version of Ethereal, can cause a buffer overflow and the
subsequent execution of arbitrary code.
Ease of Attack Simple. Exploit code is available.
Corrective Action Update to version 0.10.3 of Ethereal.
Additional References  
Rule References bugtraq: 9952
cve: 2004-0176
cve: 2004-0367