Ethereal 0.9.7 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed packets to the (1) LMP, (2) PPP, or (3) TDS dissectors, possibly related to a missing field for EndVerifyAck messages.
References
Link | Resource |
---|---|
http://www.ethereal.com/appnotes/enpa-sa-00007.html | Patch Vendor Advisory URL Repurposed |
http://www.ethereal.com/cgi-bin/viewcvs.cgi/ethereal/packet-lmp.c#rev1.13 | URL Repurposed |
http://www.redhat.com/support/errata/RHSA-2002-290.html | Patch Vendor Advisory |
http://www.ethereal.com/appnotes/enpa-sa-00007.html | Patch Vendor Advisory URL Repurposed |
http://www.ethereal.com/cgi-bin/viewcvs.cgi/ethereal/packet-lmp.c#rev1.13 | URL Repurposed |
http://www.redhat.com/support/errata/RHSA-2002-290.html | Patch Vendor Advisory |
Configurations
History
20 Nov 2024, 23:41
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.ethereal.com/appnotes/enpa-sa-00007.html - Patch, Vendor Advisory, URL Repurposed | |
References | () http://www.ethereal.com/cgi-bin/viewcvs.cgi/ethereal/packet-lmp.c#rev1.13 - URL Repurposed | |
References | () http://www.redhat.com/support/errata/RHSA-2002-290.html - Patch, Vendor Advisory |
14 Feb 2024, 01:17
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) http://www.ethereal.com/cgi-bin/viewcvs.cgi/ethereal/packet-lmp.c#rev1.13 - URL Repurposed | |
References | (CONFIRM) http://www.ethereal.com/appnotes/enpa-sa-00007.html - Patch, Vendor Advisory, URL Repurposed |
Information
Published : 2002-12-23 05:00
Updated : 2024-11-20 23:41
NVD link : CVE-2002-1356
Mitre link : CVE-2002-1356
CVE.ORG link : CVE-2002-1356
JSON object : View
Products Affected
ethereal_group
- ethereal
CWE