Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 APP:ETHEREAL:3G-A11-B0F

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 APP

Keywords

 Ethereal 3G-A11

Release Date

 2005/03/28

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

APP: Ethereal 3G-A11


This signature detects attempts to exploit a known vulnerability in Ethereal, a protocol analyzer. Ethereal versions 0.10.3 to 0.10.9 are vulnerable. Attackers can send an overly large string to overflow the buffer in the 3G-A11 protocol function, which dissects RADIUS authentication communications. Attackers can then execute arbitrary code with the permissions of the Ethereal user, typically root.

Extended Description

A remote buffer-overflow vulnerability reportedly affects Ethereal because it fails to securely copy network-derived data into sensitive process buffers. The specific issue resides in the 3GPP2 A11 dissector. An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.

Affected Products

  • ALT Linux ALT Linux Compact 2.3.0
  • ALT Linux ALT Linux Junior 2.3.0
  • Avaya Converged Communications Server 2.0.0
  • Avaya S8300 R2.0.0
  • Avaya S8300 R2.0.1
  • Avaya S8500 R2.0.0
  • Avaya S8500 R2.0.1
  • Avaya S8700 R2.0.0
  • Avaya S8700 R2.0.1
  • Avaya S8710 R2.0.0
  • Avaya S8710 R2.0.1
  • Conectiva Linux 10.0.0
  • Conectiva Linux 9.0.0
  • Ethereal Group Ethereal 0.10.0
  • Ethereal Group Ethereal 0.10.1
  • Ethereal Group Ethereal 0.10.2
  • Ethereal Group Ethereal 0.10.3
  • Ethereal Group Ethereal 0.10.4
  • Ethereal Group Ethereal 0.10.5
  • Ethereal Group Ethereal 0.10.6
  • Ethereal Group Ethereal 0.10.7
  • Ethereal Group Ethereal 0.10.8
  • Ethereal Group Ethereal 0.10.9
  • Red Hat Advanced Workstation for the Itanium Processor 2.1.0
  • Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
  • Red Hat Desktop 3.0.0
  • Red Hat Desktop 4.0.0
  • Red Hat Enterprise Linux AS 2.1
  • Red Hat Enterprise Linux AS 2.1 IA64
  • Red Hat Enterprise Linux AS 3
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux ES 2.1
  • Red Hat Enterprise Linux ES 2.1 IA64
  • Red Hat Enterprise Linux ES 3
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux WS 2.1
  • Red Hat Enterprise Linux WS 2.1 IA64
  • Red Hat Enterprise Linux WS 3
  • Red Hat Enterprise Linux WS 4
  • Red Hat Fedora Core1
  • Red Hat Fedora Core2
  • Red Hat Linux 7.3.0
  • Red Hat Linux 7.3.0 I386
  • Red Hat Linux 7.3.0 I686
  • Red Hat Linux 9.0.0 I386

References

  • BugTraq: 12759
  • CVE: CVE-2005-0699
  • URL: http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-03-04
  • URL: http://www.ethereal.com/appnotes/enpa-sa-00018.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out