An Ethreal Security Advisories reports:
Issues have been discovered in the following protocol dissectors:
- Matthew Bing discovered a bug in DICOM dissection that could make Ethereal crash.
- An invalid RTP timestamp could make Ethereal hang and create a large temporary file, possibly filling available disk space.
- The HTTP dissector could access previously-freed memory, causing a crash.
- Brian Caswell discovered that an improperly formatted SMB packet could make Ethereal hang, maximizing CPU utilization.
Impact: It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
Disclaimer: The data contained on this page is derived from the VuXML document, please refer to the the original document for copyright information. The author of portaudit makes no claim of authorship or ownership of any of the information contained herein.
If you have found a vulnerability in a FreeBSD port not listed in the database, please contact the FreeBSD Security Officer. Refer to "FreeBSD Security Information" for more information.