Wireshark · Ethereal-dev: [Ethereal-dev] [Coverity] Possible Format String Vulnerabilites

Ethereal-dev: [Ethereal-dev] [Coverity] Possible Format String Vulnerabilites

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: metatech <metatech@xxxxxxxxxxxxx>

Date: Wed, 16 Mar 2005 07:58:59 +0100

>Let me know if these look valid, and if so, when a possible patch would
>be made available. We appreciate your feedback as a method to improve
>and expand our security checkers.

>Bug 1:
>/ethereal-0.10.10/epan/dissectors/packet-mq.c:dissect_mq_pdu
>- sStructId pulled off of tvb via tvb_get_string() and passed to
>proto_tree_add_text() as format argument.

Bryan,

Beware that at line 1595 there is a enumeration of all possible values forthe StructId,so the the StructId is only pulled off the packet and taken into account iffound in a known list.


CU,

metatech

Follow-Ups:
- Re: [Ethereal-dev] [Coverity] Possible Format String Vulnerabilites
  - From: Gerald Combs

Prev by Date: RE: [Ethereal-dev] hosts file is not read
Next by Date: Re: [Ethereal-dev] hosts file is not read
Previous by thread: Re: [Ethereal-dev] [Coverity] Possible Format String Vulnerabilites
Next by thread: Re: [Ethereal-dev] [Coverity] Possible Format String Vulnerabilites
Index(es):
- Date
- Thread