The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows remote attackers to cause a denial of service (application crash) via a certain packet that causes the dissector to access previously-freed memory.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ethereal | Ethereal_group | 0.10.1 (including) | 0.10.1 (including) |
Ethereal | Ethereal_group | 0.10.2 (including) | 0.10.2 (including) |
Ethereal | Ethereal_group | 0.10.3 (including) | 0.10.3 (including) |
Ethereal | Ethereal_group | 0.10.4 (including) | 0.10.4 (including) |
Ethereal | Ethereal_group | 0.10.5 (including) | 0.10.5 (including) |
Ethereal | Ethereal_group | 0.10.6 (including) | 0.10.6 (including) |
Ethereal | Ethereal_group | 0.10.7 (including) | 0.10.7 (including) |
Red Hat Enterprise Linux 3 | RedHat | ethereal-0:0.10.9-1.EL3.1 | * |
Red Hat Enterprise Linux 4 | RedHat | ethereal | * |
Ethereal | Ubuntu | dapper | * |
Wireshark | Ubuntu | devel | * |
Wireshark | Ubuntu | edgy | * |
Wireshark | Ubuntu | feisty | * |