Description
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang) and possibly fill available disk space via an invalid RTP timestamp.
Product(s):
- Ethereal Group Ethereal 0.10.0
- Ethereal Group Ethereal 0.10.0a
- Ethereal Group Ethereal 0.10.1
- Ethereal Group Ethereal 0.10.2
- Ethereal Group Ethereal 0.10.3
- Ethereal Group Ethereal 0.10.4
- Ethereal Group Ethereal 0.10.5
- Ethereal Group Ethereal 0.10.6
- Ethereal Group Ethereal 0.10.7
- Ethereal Group Ethereal 0.9.0
- Ethereal Group Ethereal 0.9.10
- Ethereal Group Ethereal 0.9.11
- Ethereal Group Ethereal 0.9.12
- Ethereal Group Ethereal 0.9.13
- Ethereal Group Ethereal 0.9.14
- Ethereal Group Ethereal 0.9.15
- Ethereal Group Ethereal 0.9.16
- Ethereal Group Ethereal 0.9.1
- Ethereal Group Ethereal 0.9.2
- Ethereal Group Ethereal 0.9.3
- Ethereal Group Ethereal 0.9.4
- Ethereal Group Ethereal 0.9.5
- Ethereal Group Ethereal 0.9.6
- Ethereal Group Ethereal 0.9.7
- Ethereal Group Ethereal 0.9.8
- Ethereal Group Ethereal 0.9.9
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2004-1140, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2004-1140 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.