Wireshark · Ethereal-dev: Re: [Ethereal-dev] ethereal radius dissector vulnerability

Ethereal-dev: Re: [Ethereal-dev] ethereal radius dissector vulnerability

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Gerald Combs <gerald@xxxxxxxxxxxx>

Date: Mon, 22 Mar 2004 09:58:33 -0600

Jonathan Heusser wrote:
> Hello,
> 
> during an audit I found a vulnerability in the radius dissector of
> ethereal version 0.10.2
> (and probably prior to aswell).
> This bug allows a remote attacker to cause at least a denial of service
> attack. The execution of
> arbitrary code could be possible..

Thanks.  A change that should fix this has been checked in, although I
don't have any invalid RADIUS captures to test against.

References:
- [Ethereal-dev] ethereal radius dissector vulnerability
  - From: Jonathan Heusser

Prev by Date: RE: [Ethereal-dev] RE: [Ethereal-users] Re: H.225 SETUP not recog nised ? (2)
Next by Date: [Ethereal-dev] Kerberos bild error
Previous by thread: [Ethereal-dev] ethereal radius dissector vulnerability
Next by thread: [Ethereal-dev] Do libdfilter and libftypes need to be built as shared libs?
Index(es):
- Date
- Thread