Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 1613] New: Crash in LDAP dissector on Windows: 0.99.4, 0.99.5, 0.99.6-SVN-2188

Wireshark-bugs: [Wireshark-bugs] [Bug 1613] New: Crash in LDAP dissector on Windows: 0.99.4, 0.9

Date: Wed, 23 May 2007 14:01:52 +0000 (GMT)

http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1613

           Summary: Crash in LDAP dissector on Windows: 0.99.4, 0.99.5,
                    0.99.6-SVN-21889
           Product: Wireshark
           Version: 0.99.5
          Platform: PC
        OS/Version: Windows XP
            Status: NEW
          Severity: Major
          Priority: High
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: cjorden@xxxxxxxxx


Build Information:
Version 0.99.5 (SVN Rev 20677)

Copyright 1998-2007 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.10.7, with GLib 2.12.7, with WinPcap (version unknown),
with libz 1.2.3, with libpcre 6.4, with Net-SNMP 5.4, with ADNS, with Lua 5.1,
with GnuTLS 1.6.1, with Gcrypt 1.2.3, with MIT Kerberos, with PortAudio
PortAudio V19-devel, with AirPcap.

Running on Windows XP Service Pack 2, build 2600, with WinPcap version 4.0
(packet.dll version 4.0.0.755), based on libpcap version 0.9.5, without
AirPcap.

Built using Microsoft Visual C++ 6.0 build 8804

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
Every time I try to open the attached file in a recent windows build of
Wireshark, when the LDAP dissector is enabled, Wireshark crashes.

If I open the file on my Linux box(Gentoo, WireShark 0.99.5), I am able to read
the file without issue with the dissector enabled.

I have verified this crash on three windows machines, and with WireShark
0.99.4, 0.99.5, and 0.99.6-SVN-21889 - all the windows automated builds.

This packet was modified (MAC,IP,LDAP data - all changed) from a packet
actually captured on the wire, and I was unable to read it with Wireshark on
Windows.  I am concerned that this could potentially be an exploitable defect.


-- 
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

Follow-Ups:
- [Wireshark-bugs] [Bug 1613] Crash in LDAP dissector on Windows: 0.99.4, 0.99.5, 0.99.6-SVN-21889
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 1613] Crash in LDAP dissector on Windows: 0.99.4, 0.99.5, 0.99.6-SVN-21889
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 1613] Crash in LDAP dissector on Windows: 0.99.4, 0.99.5, 0.99.6-SVN-21889
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 1613] Crash in LDAP dissector on Windows: 0.99.4, 0.99.5, 0.99.6-SVN-21889
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 1613] Crash in LDAP dissector on Windows: 0.99.4, 0.99.5, 0.99.6-SVN-21889
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 1613] Crash in LDAP dissector on Windows: 0.99.4, 0.99.5, 0.99.6-SVN-21889
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 1512] Acces to uninitialized memory in packet-smpp
Next by Date: [Wireshark-bugs] [Bug 1613] Crash in LDAP dissector on Windows: 0.99.4, 0.99.5, 0.99.6-SVN-21889
Previous by thread: [Wireshark-bugs] [Bug 1612] Crash when parsing a packet containing an HTTP 302 from Yahoo Mail
Next by thread: [Wireshark-bugs] [Bug 1613] Crash in LDAP dissector on Windows: 0.99.4, 0.99.5, 0.99.6-SVN-21889
Index(es):
- Date
- Thread