Intrusion Prevention

Ethereal.iSNS.Zero.Length.Crash

Description

It indicates a possible exploit of an Integer Overflow vulnerability in the iSNS dissector for Ethereal/Wireshark.
A remote attacker could cause Ethereal to crash via a specially crafted packet.

Affected Products

Ethereal 0.10.3 - 0.10.4

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Upgrade to the latest version of Ethereal (now known as Wireshark):
https://www.wireshark.org/download.html

CVE References

CVE-2004-0633