-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Lan Guy wrote:
| is ethereal ver 0.10.3 released 25th March 2004 still vulnerable?
0.10.3 was released in response to multiple vulnerabilities, one of which included a buffer overflow in the IGAP dissector attributed to Stefan Esser.
http://security.e-matters.de/advisories/032004.html
The important bit:
"When parsing an IGAP protocol packet that contains either an overlong accountname (>17) or an overlong message (>65) different buffers may overflow the stack, allowing an over-write of up to 238 (or 190) bytes. In both cases remote code execution exploitation is possible."
The posted code generates an oversized message, exploiting the buffer overflow fixed in 0.10.3.
Cael
PS: Do your own homework next time. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFAZu+2R2vQ2HfQHfsRAsNOAJ9U4tOzf+0YaDA6FXtHNlJ5gMIFJACgnmfN 7W/vUatOCQd9FV6WWWkE/dA= =u7So -----END PGP SIGNATURE-----
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
