An Ethreal Security Advisories reports:
An aggressive testing program as well as independent discovery has turned up a multitude of security issues:
- The ANSI A dissector was susceptible to format string vulnerabilities. Discovered by Bryan Fulton.
- The GSM MAP dissector could crash.
- The AIM dissector could cause a crash.
- The DISTCC dissector was susceptible to a buffer overflow. Discovered by Ilja van Sprundel
- The FCELS dissector was susceptible to a buffer overflow. Discovered by Neil Kettle
- The SIP dissector was susceptible to a buffer overflow. Discovered by Ejovi Nuwere.
- The KINK dissector was susceptible to a null pointer exception, endless looping, and other problems.
- The LMP dissector was susceptible to an endless loop.
- The Telnet dissector could abort.
- The TZSP dissector could cause a segmentation fault.
- The WSP dissector was susceptible to a null pointer exception and assertions.
- The 802.3 Slow protocols dissector could throw an assertion.
- The BER dissector could throw assertions.
- The SMB Mailslot dissector was susceptible to a null pointer exception and could throw assertions.
- The H.245 dissector was susceptible to a null pointer exception.
- The Bittorrent dissector could cause a segmentation fault.
- The SMB dissector could cause a segmentation fault and throw assertions.
- The Fibre Channel dissector could cause a crash.
- The DICOM dissector could attempt to allocate large amounts of memory.
- The MGCP dissector was susceptible to a null pointer exception, could loop indefinitely, and segfault.
- The RSVP dissector could loop indefinitely.
- The DHCP dissector was susceptible to format string vulnerabilities, and could abort.
- The SRVLOC dissector could crash unexpectedly or go into an infinite loop.
- The EIGRP dissector could loop indefinitely.
- The ISIS dissector could overflow a buffer.
- The CMIP, CMP, CMS, CRMF, ESS, OCSP, PKIX1Explitit, PKIX Qualified, and X.509 dissectors could overflow buffers.
- The NDPS dissector could exhaust system memory or cause an assertion, or crash.
- The Q.931 dissector could try to free a null pointer and overflow a buffer.
- The IAX2 dissector could throw an assertion.
- The ICEP dissector could try to free the same memory twice.
- The MEGACO dissector was susceptible to an infinite loop and a buffer overflow.
- The DLSw dissector was susceptible to an infinite loop.
- The RPC dissector was susceptible to a null pointer exception.
- The NCP dissector could overflow a buffer or loop for a large amount of time.
- The RADIUS dissector could throw an assertion.
- The GSM dissector could access an invalid pointer.
- The SMB PIPE dissector could throw an assertion.
- The L2TP dissector was susceptible to an infinite loop.
- The SMB NETLOGON dissector could dereference a null pointer.
- The MRDISC dissector could throw an assertion.
- The ISUP dissector could overflow a buffer or cause a segmentation fault.
- The LDAP dissector could crash.
- The TCAP dissector could overflow a buffer or throw an assertion.
- The NTLMSSP dissector could crash.
- The Presentation dissector could overflow a buffer.
- Additionally, a number of dissectors could throw an assertion when passing an invalid protocol tree item length.
Disclaimer: The data contained on this page is derived from the VuXML document, please refer to the the original document for copyright information. The author of portaudit makes no claim of authorship or ownership of any of the information contained herein.
If you have found a vulnerability in a FreeBSD port not listed in the database, please contact the FreeBSD Security Officer. Refer to "FreeBSD Security Information" for more information.