Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 APP:ETHEREAL:EIGRP-OF-STC

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 APP

Keywords

 Ethereal EIGRP Protocol Dissector Overflow (STC)

Release Date

 2013/09/20

Update Number

 2302

Supported Platforms

 idp-4.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

APP: Ethereal EIGRP Protocol Dissector Overflow (STC)


This signature detects attempts to exploit a known vulnerability against Ethereal, a network analyzer application. Attackers can send a maliciously crafted EIGRP Membership Query response with an overly long prefix length to trigger a buffer overflow and execute arbitrary code.

Extended Description

Ethereal 0.10.3 has been released to address multiple vulnerabilities. These issues include: - Thirteen stack-based buffer overruns in various protocol dissectors (NetFlow, IGAP, EIGRP, PGM, IrDA, BGP, ISUP, and TCAP). - A denial of service that is triggered by a zero length Presentation protocol selector. - Specially crafted RADIUS packets may cause a crash in Ethereal. - Corrupt color filter files may cause a crash in Ethereal. These issues may result in a denial of service or potentially be leveraged to execute arbitrary code in the instance of the buffer overruns.

Affected Products

  • Ethereal Group Ethereal 0.10.0
  • Ethereal Group Ethereal 0.10.1
  • Ethereal Group Ethereal 0.10.2
  • Ethereal Group Ethereal 0.8.13
  • Ethereal Group Ethereal 0.8.14
  • Ethereal Group Ethereal 0.8.18
  • Ethereal Group Ethereal 0.8.19
  • Ethereal Group Ethereal 0.9.0
  • Ethereal Group Ethereal 0.9.1
  • Ethereal Group Ethereal 0.9.10
  • Ethereal Group Ethereal 0.9.11
  • Ethereal Group Ethereal 0.9.12
  • Ethereal Group Ethereal 0.9.13
  • Ethereal Group Ethereal 0.9.14
  • Ethereal Group Ethereal 0.9.15
  • Ethereal Group Ethereal 0.9.16
  • Ethereal Group Ethereal 0.9.2
  • Ethereal Group Ethereal 0.9.3
  • Ethereal Group Ethereal 0.9.4
  • Ethereal Group Ethereal 0.9.5
  • Ethereal Group Ethereal 0.9.6
  • Ethereal Group Ethereal 0.9.7
  • Ethereal Group Ethereal 0.9.8
  • Ethereal Group Ethereal 0.9.9
  • Gentoo Linux 1.4.0
  • Gentoo Linux 1.4.0 _rc1
  • Gentoo Linux 1.4.0 _rc2
  • Gentoo Linux 1.4.0 _rc3
  • SGI ProPack 2.3.0
  • SGI ProPack 2.4.0
  • SGI ProPack 3.0.0

References

  • BugTraq: 9952
  • CVE: CVE-2004-0176
  • URL: http://www.securiteam.com/unixfocus/5AP0O15CAO.html
  • URL: http://www.kb.cert.org/vuls/id/119876
  • URL: http://www.security.nnov.ru/search/document.asp?docid=5954

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out