The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows remote attackers to cause a denial of service (application crash) via a certain packet that causes the dissector to access previously-freed memory.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ethereal | Ethereal_group | 0.10.1 (including) | 0.10.1 (including) |
Ethereal | Ethereal_group | 0.10.2 (including) | 0.10.2 (including) |
Ethereal | Ethereal_group | 0.10.3 (including) | 0.10.3 (including) |
Ethereal | Ethereal_group | 0.10.4 (including) | 0.10.4 (including) |
Ethereal | Ethereal_group | 0.10.5 (including) | 0.10.5 (including) |
Ethereal | Ethereal_group | 0.10.6 (including) | 0.10.6 (including) |
Ethereal | Ethereal_group | 0.10.7 (including) | 0.10.7 (including) |