| Bug ID |
9098
|
| Summary |
fix NTLMSSP Target Info Attribute dissection
|
| Classification |
Unclassified
|
| Product |
Wireshark
|
| Version |
SVN
|
| Hardware |
x86
|
| OS |
Mac OS X 10.7
|
| Status |
UNCONFIRMED
|
| Severity |
Normal
|
| Priority |
Low
|
| Component |
Dissection engine (libwireshark)
|
| Assignee |
[email protected]
|
| Reporter |
[email protected]
|
Created attachment 11499 [details]
fix NTLMSSP Target Info Attribute dissection
Build Information:
--
This is an additional bug fix on top of Bug 8640. The NTLMSSP Target Info
Attributes can have a 0 content length. But the current code will still try to
dissect a timestamp and can throw an out of bounds exception. The attached fix
will only attempt to dissect the attribute if the content length is > 0.
I've also added an expert info warning if the Target Info Attribute is of on
unknown type and thus have passed the pinfo pointer into a couple of function
parameter lists.
See the attached capture file for a DCE/RPC BindAck with an NTLMSSP blob
showing the problem. This fix should also be applied to the 1.10 release of
Wireshark where changes for Bug 8640 were made.
You are receiving this mail because:
- You are watching all bug changes.
