Full Disclosure mailing list archives
ADVISORY # -Thu Mar 16 14:09:58 EST 2006- # Integer Overflow in Ethereal
From: str0ke <str0ke () milw0rm com>
Date: Thu, 16 Mar 2006 19:10:02 +0000 (GMT)
ADVISORY # -Thu Mar 16 14:09:58 EST 2006- # Integer Overflow in Ethereal ========================================= 8===D BACKGROUND ========================================= This problem has no background commentary on this vulnerability in question. ========================================= 8===D DESCRIPTION ========================================= Ethereal incorrectly parses integer data, and this can be used to execute arbitrary code. ========================================= 8===D HISTORY ========================================= 2/1/2006 8==D Vendor Notification. 28/2/2006 8==D Vendor Reply. 16/3/2006 8==D Public Disclosure. ========================================= 8===D WORKAROUND ========================================= This problem has no workarounds on the problem. ========================================= 8===D VENDOR RESPONSE ========================================= Ethereal has offered no identified information about this problem at hand. ========================================= CONTACT ========================================= str0ke lolville () spam la 1-888-565-9428 CCE GREM SSP-CNSA GIPS CAP SSCP _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- ADVISORY # -Thu Mar 16 14:09:58 EST 2006- # Integer Overflow in Ethereal str0ke (Mar 16)
