Ethereal-dev: Re: [Ethereal-dev] Re: ethereal bug

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "West E Coile" <coilew@xxxxxxx>
Date: Mon, 24 Feb 2003 17:21:40 -0500
As I said, I already tested in on linux and windows, which were =not=
vulnerable, even using older ethereal versions.   FreeBSD ethereal
crashed, using 0.9.7.  I didn't see a later version available for that
OS.  

>>> "Greg Morris" <GMORRIS@xxxxxxxxxx> 02/24/03 16:33 PM >>>
All,
 
Can anyone test with 0.9.9 to see if the attached trace causes any
problems on Linux, OpenBSD, Sun, AIX, HPUX, etc.. 
 
It has been tested to work on Windows and FreeBSD. The trace reportedly
crashed Ethereal version 0.9.7. Just attempting to verify that the crash
is resolved in version 0.9.9.
 
Thanks,
Greg
 
Well,
 
I tested it against verson 0.9.9 on Windows and didn't have any
problems. The packet is a NDS resolve name request with no name passed
as a parameter. This is more then likely what was causing the crash in
0.9.7. I will carbon this to the ethereal-dev group to see if anyone can
test on other OS's.
 
Thanks,
Greg

>>> "West E Coile" <coilew@xxxxxxx> 2/24/2003 12:46:21 PM >>>

Again, note that I only had this problem in FreeBSD, not in linux or
windows.  I didn't test OpenBSD, Sun, AIX, HPUX, etc.

I realize that other OS's have higher current versions, but 0.9.7 was
the latest available via the ports collection in CVS for FreeBSD 4.7,
AFAIK.  That was also the latest version listed for FreeBSD on the
main
ethereal website.

I'd be very interested in hearing the evolution of this, so please
keep
me in the loop.  I'll do what I can to assist.

-West


_______________________________
          /"\
          \ /     ASCII Ribbon Campaign
           X      Against HTML Mail
          / \

Standard Disclaimer applies...the views expressed are not necessarily
those of my employer, yadda, yadda, yadda...

West E. Coile  <coilew@xxxxxxx>
US GAO - Applied Reseach and Methods
441 G St. NW, Washington, DC 20548
Voice (202)512-9324  Fax (202)512-9193  


>>> "Greg Morris" <GMORRIS@xxxxxxxxxx> 02/24/03 13:53 PM >>>
Please send me a trace of the packet that caused the crash. There have
been many changes since 0.9.7 so more then likely it has been fixed
but
just in case....

Thanks,
Greg

>>> "West E Coile" <CoileW@xxxxxxx> 2/24/2003 11:10:19 AM >>>

Hi.  You may already know this, but Ethereal/tethereal 0.9.7 crashes
on
FBSD 4.7 if handed a fairly common fragmented NCP packet.  I checked
Ethereal/tethereal 0.9.9 on linux and windows, which did not appear
vulnerable.  I did not check Sun or OBSD.  I can provide an example
packet, if you need it.

I saw your names on the developers list for ethereal, so I thought you
should know.