[virusinfo] Buffer overflow in Ethereal - 03/09/05

  • From: "Mike" <mikebike@xxxxxxxxx>
  • To: virusinfo@xxxxxxxxxxxxx
  • Date: Wed, 09 Mar 2005 17:14:11 -0800

From; Panda Oxygen3:

"Tell me and I will forget. Show me and I will learn. 
                     Involve me and I will understand." 
         Confucius (551 BC - 479 BC); Chinese philosopher & reformer.
 
                   - Buffer overflow in Ethereal - 
   Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com) 

Madrid, March 9 2005 - SecurityTracker has reported a buffer overflow in
Ethereal (*), which could be used by remote attackers to run arbitrary code
on vulnerable systems.

The problem is related to the Ethereal dissector for processing CDMA2000 A11
RADIUS authentication packets. Specifically, the dissect_a11_radius()
function in "packet-3g-a11.c" copies up to 256 bytes of user-supplied data
of a size specified by the user  in a 16 byte buffer. A remote user could
send a specially crafted packet to exploit the overflow and execute code on
the system. 

A demo exploit of the vulnerability is available, while the match is
available via SVN at http://ethereal.com/development.html.

(*) Ethereal is a network protocol analyzer, with versions for Windows and
Unix, widely used in administrative environments because of it.

NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the link to access the web page. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.

------------------------------------------------------------ 

The 5 viruses most frequently detected by Panda ActiveScan, Panda Software's
free online scanner: 1)Netsky.P; 2)Mhtredir.gen; 3)Downloader.GK;
4)Shinwow.E; 5)Sdbot.ftp. 

------------------------------------------------------------

To contact with Panda Software, please visit:
http://www.pandasoftware.com/about/contact/
------------------------------------------------------------

Mike ~ one of the Moderators
It is a good day if I learned something new.
Editor MikesWhatsNews http://www.mwn.ca/

Other related posts:

  • » [virusinfo] Buffer overflow in Ethereal - 03/09/05
  1. Home
  2. virusinfo
  3. Archive
  4. 03-2005