http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=39585
User: gerald
Date: 2011/10/25 04:01 PM
Log:
Copy over r39508 from the trunk:
------------------------------------------------------------------------
r39508 | gerald | 2011-10-21 12:07:42 -0700 (Fri, 21 Oct 2011) | 6 lines
Changed paths:
M /trunk/wiretap/erf.c
From Huzaifa Sidhpurwala of Red Hat Security Response Team:
I found a heap-based buffer overflow, when parsing ERF file format.
The overflow seems to be controlled by the values read from the file,
and hence seems exploitable to me.
------------------------------------------------------------------------
Update the release notes.
Directory: /trunk-1.6/docbook/
Changes Path Action
+20 -1 release-notes.xml Modified
Directory: /trunk-1.6/wiretap/
Changes Path Action
+20 -0 erf.c Modified