• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Ethereal Multiple Dissector String Handling Vulnerabilities

Several dissectors included with Ethereal do not properly handle strings. Exploitation of this issue may allow an attacker to cause Ethereal to behave in an unpredictable manner. The BGP, WTP, DNS, 802.11, ISAKMP, WSP, CLNP, ISIS, and RMI dissectors are vulnerable to this issue.

The precise technical details of this vulnerability are currently unknown. This BID will be updated as further information is available.

Due to the nature of this vulnerability, it may be possible for an attacker to create a situation in which sensitive memory could be overwritten.