Ethereal 0.10.8 has been released to address multiple vulnerabilities. These issues are reported to cause denial-of-service conditions in the application; some issues may allow arbitrary code execution.

The following specific issues were identified:

- A denial-of-service vulnerability presents itself in the DICOM dissector.
- Another denial-of-service vulnerability occurs when handling a malformed RTP timestamp.
- Another denial of service arises when Ethereal processes a specially crafted SMB packet.
- The HTTP dissector may allow a remote attacker to access memory that was previously freed.

This BID will be updated as more information becomes available.