An Ethreal Security Advisories reports:
Issues have been discovered in the following protocol dissectors:
- The COPS dissector could go into an infinite loop. CVE: CAN-2005-0006
- The DLSw dissector could cause an assertion. CVE: CAN-2005-0007
- The DNP dissector could cause memory corruption. CVE: CAN-2005-0008
- The Gnutella dissector could cuase an assertion. CVE: CAN-2005-0009
- The MMSE dissector could free statically-allocated memory. CVE: CAN-2005-0010
- The X11 dissector is vulnerable to a string buffer overflow. CVE: CAN-2005-0084
Impact: It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
Disclaimer: The data contained on this page is derived from the VuXML document, please refer to the the original document for copyright information. The author of portaudit makes no claim of authorship or ownership of any of the information contained herein.
If you have found a vulnerability in a FreeBSD port not listed in the database, please contact the FreeBSD Security Officer. Refer to "FreeBSD Security Information" for more information.