Well,
I tested it against verson 0.9.9 on Windows and didn't have any problems.
The packet is a NDS resolve name request with no name passed as a parameter.
This is more then likely what was causing the crash in 0.9.7. I will carbon this
to the ethereal-dev group to see if anyone can test on other OS's.
Thanks,
Greg
>>> "West E Coile" <coilew@xxxxxxx> 2/24/2003
12:46:21 PM >>>
Again, note that I only had this problem in FreeBSD, not in linux
or windows. I didn't test OpenBSD, Sun, AIX, HPUX, etc.
I
realize that other OS's have higher current versions, but 0.9.7 was the
latest available via the ports collection in CVS for FreeBSD
4.7, AFAIK. That was also the latest version listed for FreeBSD on the
main ethereal website.
I'd be very interested in hearing the evolution
of this, so please keep me in the loop. I'll do what I can to
assist.
-West
_______________________________
/"\ \
/ ASCII Ribbon
Campaign
X Against HTML
Mail /
\
Standard Disclaimer applies...the views expressed are not
necessarily those of my employer, yadda, yadda, yadda...
West E.
Coile <coilew@xxxxxxx> US GAO - Applied Reseach and
Methods 441 G St. NW, Washington, DC 20548 Voice (202)512-9324 Fax
(202)512-9193
>>> "Greg Morris"
<GMORRIS@xxxxxxxxxx> 02/24/03 13:53 PM >>> Please send me a
trace of the packet that caused the crash. There have been many changes since
0.9.7 so more then likely it has been fixed but just in
case....
Thanks, Greg
>>> "West E Coile"
<CoileW@xxxxxxx> 2/24/2003 11:10:19 AM >>>
Hi. You
may already know this, but Ethereal/tethereal 0.9.7 crashes on FBSD 4.7 if
handed a fairly common fragmented NCP packet. I
checked Ethereal/tethereal 0.9.9 on linux and windows, which did not
appear vulnerable. I did not check Sun or OBSD. I can provide an
example packet, if you need it.
I saw your names on the developers
list for ethereal, so I thought you should
know.
|