{"vuid":"VU#542540","idnumber":"542540","name":"Ethereal DCE RPC dissector vulnerable to DoS","keywords":["Ethereal","DCERPC dissector","large amount of memory","NDR string"],"overview":"A vulnerability in Ethereal may allow a remote attacker to cause a denial of service.","clean_desc":"The Ethereal web site describes Ethereal as \"a free network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, viewing summary and detail information for each packet. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.\" \nEthereal includes the ability to examine packets containing DCE RPC data (DCE RPC is \"a facility for calling a procedure on a remote machine as if it were a local procedure call\"). The vulnerability exists in the way Ethereal's DCE RPC dissector allocates memory. For more information, please see Ethereal's announcement.","impact":"A remote attacker may be able to consume excessive amounts of memory, and potentially crash Ethereal.","resolution":"Upgrade to Ethereal version 0.9.13.","workarounds":"","sysaffected":"","thanks":"The CERT/CC thanks Ethereal for publishing \nenpa-sa-00010\n, upon which this document is based.","author":"This document was written by Ian A Finlay.","public":["http://rsusu1.rnd.runnet.ru/alpha/progtool/dce31unx/overview/Dceint63.htm","http://www.ethereal.com/appnotes/enpa-sa-00010.html","http://www.secunia.com/advisories/9007/","http://www.ethereal.com/"],"cveids":["CVE-2003-0428"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2003-06-12T13:58:00Z","publicdate":"2003-06-11T00:00:00Z","datefirstpublished":"2003-06-12T20:41:39Z","dateupdated":"2003-06-12T20:44:19Z","revision":9,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"10","cam_population":"10","cam_impact":"8","cam_easeofexploitation":"10","cam_attackeraccessrequired":"20","cam_scorecurrent":"7.5","cam_scorecurrentwidelyknown":"9","cam_scorecurrentwidelyknownexploited":"15","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":7.5,"vulnote":null}