Ethereal NTLMSSP Dissector Heap Corruption Vulnerability

The NTLMSSP dissector is a mechanism for evaluating packets that use the NTLM protocol. A heap corruption vulnerability has been reported for some versions of the dissector.

The precise technical details of this vulnerability are currently unknown. This BID will be updated as further information is available.

An attacker may be able to exploit this vulnerability by crafting a specially formed packet and sending it to a system using the NTLMSSP dissector or by convincing a victim user to use Ethereal to read a malformed packet trace file.

Due to the nature of this vulnerability it may be possible for an attacker to create a situation in which sensitive memory could be overwritten which may result in code execution.


Privacy Statement
Copyright 2010, SecurityFocus