The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ethereal | Ethereal_group | 0.9.15 (including) | 0.9.15 (including) |
Ethereal | Ethereal_group | 0.10.4 (including) | 0.10.4 (including) |
Red Hat Enterprise Linux 3 | RedHat | ethereal-0:0.10.5-0.30E.2 | * |