https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2926
Summary: assertion on malformed .ncf file (from milw0rm)
Product: Wireshark
Version: 1.0.3
Platform: All
OS/Version: All
Status: NEW
Severity: Major
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: jeff.morriss.ws@xxxxxxxxx
Created an attachment (id=2293)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=2293)
malformed .ncf file
Build Information:
TShark 1.1.2 (SVN Rev 26326)
Copyright 1998-2008 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GLib 2.14.6, with libpcap 0.9.7, with libz 1.2.3, with POSIX
capabilities (Linux), without libpcre, without SMI, without c-ares, without
ADNS, without Lua, with GnuTLS 1.6.3, with Gcrypt 1.2.4, with MIT Kerberos.
NOTE: this build doesn't support the "matches" operator for Wireshark filter
syntax.
Running on Linux 2.6.25.4-10.fc8, with libpcap version 0.9.7.
Built using gcc 4.1.2 20070925 (Red Hat 4.1.2-33).
--
I was informed that the site milw0rm.com had a DoS against Wireshark, detailed
here:
http://www.milw0rm.com/exploits/6622
with the offending attachment here (and also attached to this bug report):
http://milw0rm.com/sploits/2008-wireshark.ncf
Wiretap is asserting out.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
