Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 APP:ETHEREAL:EIGRP-OF

Severity

 Major

Recommended

 No

Recommended Action

 Drop

Category

 APP

Keywords

 Ethereal EIGRP Protocol Dissector Overflow

Release Date

 2006/11/20

Update Number

 1213

Supported Platforms

 idp-4.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

APP: Ethereal EIGRP Protocol Dissector Overflow


This signature detects attempts to exploit a known vulnerability against Ethereal, a network analyzer application. Attackers can send a maliciously crafted EIGRP Membership Query response with an overly long prefix length to trigger a buffer overflow and execute arbitrary code.

Extended Description

Ethereal 0.10.3 has been released to address multiple vulnerabilities. These issues include: - Thirteen stack-based buffer overruns in various protocol dissectors (NetFlow, IGAP, EIGRP, PGM, IrDA, BGP, ISUP, and TCAP). - A denial of service that is triggered by a zero length Presentation protocol selector. - Specially crafted RADIUS packets may cause a crash in Ethereal. - Corrupt color filter files may cause a crash in Ethereal. These issues may result in a denial of service or potentially be leveraged to execute arbitrary code in the instance of the buffer overruns.

Affected Products

  • Ethereal_group ethereal 0.10.0
  • Ethereal_group ethereal 0.10.1
  • Ethereal_group ethereal 0.10.2
  • Ethereal_group ethereal 0.8.13
  • Ethereal_group ethereal 0.8.14
  • Ethereal_group ethereal 0.8.18
  • Ethereal_group ethereal 0.8.19
  • Ethereal_group ethereal 0.9.0
  • Ethereal_group ethereal 0.9.1
  • Ethereal_group ethereal 0.9.10
  • Ethereal_group ethereal 0.9.11
  • Ethereal_group ethereal 0.9.12
  • Ethereal_group ethereal 0.9.13
  • Ethereal_group ethereal 0.9.14
  • Ethereal_group ethereal 0.9.15
  • Ethereal_group ethereal 0.9.16
  • Ethereal_group ethereal 0.9.2
  • Ethereal_group ethereal 0.9.3
  • Ethereal_group ethereal 0.9.4
  • Ethereal_group ethereal 0.9.5
  • Ethereal_group ethereal 0.9.6
  • Ethereal_group ethereal 0.9.7
  • Ethereal_group ethereal 0.9.8
  • Ethereal_group ethereal 0.9.9
  • Gentoo linux 1.4.0
  • Gentoo linux 1.4.0 _rc1
  • Gentoo linux 1.4.0 _rc2
  • Gentoo linux 1.4.0 _rc3
  • Sgi propack 2.3.0
  • Sgi propack 2.4.0
  • Sgi propack 3.0.0

References

  • BugTraq: 9952
  • CVE: CVE-2004-0176
  • URL: http://www.security.nnov.ru/search/document.asp?docid=5954
  • URL: http://www.kb.cert.org/vuls/id/119876
  • URL: http://www.securiteam.com/unixfocus/5AP0O15CAO.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out