[17706] in bugtraq
Re: [hacksware] Ethereal 0.8.13 AFS ACL parsing buffer overflow
daemon@ATHENA.MIT.EDU (Kris Kennaway)
Mon Nov 20 14:19:12 2000
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
protocol="application/pgp-signature"; boundary="TB36FDmn/VVEgNH/"
Content-Disposition: inline
Message-Id: <20001119171703.A4155@citusc17.usc.edu>
Date: Sun, 19 Nov 2000 17:17:03 -0800
Reply-To: Kris Kennaway <kris@FREEBSD.ORG>
From: Kris Kennaway <kris@FREEBSD.ORG>
X-To: JW Oh <mat@IVNTECH.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.LNX.4.30.0011182135430.18275-100000@ivntech.com>; from
mat@IVNTECH.COM on Sat, Nov 18, 2000 at 09:36:32PM +0900
--TB36FDmn/VVEgNH/
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Sat, Nov 18, 2000 at 09:36:32PM +0900, JW Oh wrote:
> Bug Report
>=20
> 1. Name: Ethereal 0.8.13 AFS ACL parsing buffer overflow bug
> 2. Release Date: 2000.11.18
> 3. Affected Application:
> Ethereal 0.8.13(latest version)
> http://www.ethereal.com/
> ethereal-web@ethereal.com
> 4. Author: mat@hacksware.com
Looks awfully similar to the identical bug we found in tcpdump. Due
credit, please!
Kris
--TB36FDmn/VVEgNH/
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjoYe48ACgkQWry0BWjoQKUdvgCeP1usIejWlWCRGIerpW7RFU6m
9FUAoNIc0Fdy1xsPxTqytICZgB06xEpY
=kYVN
-----END PGP SIGNATURE-----
--TB36FDmn/VVEgNH/--
