From; Panda Oxygen3: "Tell me and I will forget. Show me and I will learn. Involve me and I will understand." Confucius (551 BC - 479 BC); Chinese philosopher & reformer. - Buffer overflow in Ethereal - Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com) Madrid, March 9 2005 - SecurityTracker has reported a buffer overflow in Ethereal (*), which could be used by remote attackers to run arbitrary code on vulnerable systems. The problem is related to the Ethereal dissector for processing CDMA2000 A11 RADIUS authentication packets. Specifically, the dissect_a11_radius() function in "packet-3g-a11.c" copies up to 256 bytes of user-supplied data of a size specified by the user in a 16 byte buffer. A remote user could send a specially crafted packet to exploit the overflow and execute code on the system. A demo exploit of the vulnerability is available, while the match is available via SVN at http://ethereal.com/development.html. (*) Ethereal is a network protocol analyzer, with versions for Windows and Unix, widely used in administrative environments because of it. NOTE: The address above may not show up on your screen as a single line. This would prevent you from using the link to access the web page. If this happens, just use the 'cut' and 'paste' options to join the pieces of the URL. ------------------------------------------------------------ The 5 viruses most frequently detected by Panda ActiveScan, Panda Software's free online scanner: 1)Netsky.P; 2)Mhtredir.gen; 3)Downloader.GK; 4)Shinwow.E; 5)Sdbot.ftp. ------------------------------------------------------------ To contact with Panda Software, please visit: http://www.pandasoftware.com/about/contact/ ------------------------------------------------------------ Mike ~ one of the Moderators It is a good day if I learned something new. Editor MikesWhatsNews http://www.mwn.ca/