Wireshark-bugs: [Wireshark-bugs] [Bug 2926] New: assertion on malformed .ncf file (from milw0rm)

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Wed, 1 Oct 2008 06:28:35 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2926

           Summary: assertion on malformed .ncf file (from milw0rm)
           Product: Wireshark
           Version: 1.0.3
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Major
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: jeff.morriss.ws@xxxxxxxxx


Created an attachment (id=2293)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=2293)
malformed .ncf file

Build Information:
TShark 1.1.2 (SVN Rev 26326)

Copyright 1998-2008 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GLib 2.14.6, with libpcap 0.9.7, with libz 1.2.3, with POSIX
capabilities (Linux), without libpcre, without SMI, without c-ares, without
ADNS, without Lua, with GnuTLS 1.6.3, with Gcrypt 1.2.4, with MIT Kerberos.
NOTE: this build doesn't support the "matches" operator for Wireshark filter
syntax.

Running on Linux 2.6.25.4-10.fc8, with libpcap version 0.9.7.

Built using gcc 4.1.2 20070925 (Red Hat 4.1.2-33).

--
I was informed that the site milw0rm.com had a DoS against Wireshark, detailed
here:

http://www.milw0rm.com/exploits/6622

with the offending attachment here (and also attached to this bug report):

http://milw0rm.com/sploits/2008-wireshark.ncf

Wiretap is asserting out.


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.