[VIM] CVE Ethereal Overlap?
Steven M. Christey
coley at linus.mitre.org
Thu May 12 17:17:25 EDT 2005
On Sun, 8 May 2005, security curmudgeon wrote:
> I'm working through the 50+ Ethereal breakout.. fun times =)
> Multiple unknown vulnerabilities in the (1) KINK, (2) L2TP, (3) MGCP, (4)
> EIGRP, (5) DLSw, (6) MEGACO, (7) LMP, and (8) RSVP dissectors in Ethereal
> before 0.10.11 allow remote attackers to cause a denial of service
> (infinite loop).
> So the RSVP dissector is vuln to an infinite loop DoS..
> Ethereal 0.10.10 and earlier allows remote attackers to cause a denial of
> service (infinite loop) via a crafted RSVP packet of length 4.
> which refs:
> BUGTRAQ:20050426 tcpdump(/ethereal): (RSVP) rsvp_print() infinite loop
> i'd imagine 2005-1464 #8 is the same as 2005-1281?
Probably. I'll send a confirmation email just to be sure, though.
More information about the VIM