Ethereal Multiple Protocol Dissector Vulnerabilities In Versions Prior To 0.99.0
The vendor has disclosed several vulnerabilities in Ethereal. The reported issues are in various protocol dissectors. These issues include:
- Buffer-overflow vulnerabilities
- Denial-of-service vulnerabilities
- Infinite loop denial-of-service vulnerabilities
- Unspecified denial-of-service vulnerabilities
- Off-by-one overflow vulnerabilities
These issues could allow remote attackers to execute arbitrary machine code in the context of the vulnerable application. Attackers could also crash the affected application.
Various vulnerabilities affect different versions of Ethereal, from 0.8.5 through to 0.10.14.