Re: [Full-Disclosure] Ethereal(v0.10.0-0.10.2) IGAP Dissector Message Overflow Exploit

From: Joerg Mayer (jmayer_at_loplof.de)
Date: 03/28/04

  • Next message: Steven Dowd: "[Full-Disclosure] backdoor irc"
    To: Lan Guy <rlanguy@hotmail.com>
    Date: Sun, 28 Mar 2004 16:44:31 +0200
    
    

    On Sun, Mar 28, 2004 at 03:43:33PM +0200, Lan Guy wrote:
    > is ethereal ver 0.10.3 released 25th March 2004 still vulnerable?

    No, it isn't. Please have a look at the Ethereal 0.10.3 release notes.
    They state that the bug has been fixed (plus about a dozen more). Or, if
    you do not want to believe them, check the source (cvs diff).

     Ciao
       Joerg

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Steven Dowd: "[Full-Disclosure] backdoor irc"

    Relevant Pages

    • Re: [Full-disclosure] Filezillas silent caching of users credentials
      ... There has even been a bug filed that draws out great ways to psudo-mitigate ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
      (Full-Disclosure)
    • Re: [Full-disclosure] Filezillas silent caching of users credentials
      ... There has even been a bug filed that draws out great ways to psudo-mitigate ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
      (Full-Disclosure)
    • Re: [Full-disclosure] Facebook Attach EXE Vulnerability
      ... Nice bug, and, atleast you worked with them to reproduce, you realise ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
      (Full-Disclosure)
    • Re: [Full-disclosure] Filezillas silent caching of users credentials
      ... There has even been a bug filed that draws out great ways to psudo-mitigate ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
      (Full-Disclosure)
    • Re: [Full-disclosure] Filezillas silent caching of users credentials
      ... [Full-disclosure] Filezilla's silent caching of user's credentials ... I still see this a simple matter of violating KISS to introduce a layer of encryption. ... This bug is not being used to break into nuclear reactors in Iran, ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ...
      (Full-Disclosure)