CVE-2011-3369 Information

Description

The add_conversation function in conversations.c in EtherApe before 0.9.12 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RPC packet related to the get_rpc function in decode_proto.c.

Reference

http://etherape.sourceforge.net/NEWS.html http://secunia.com/advisories/45989 http://sourceforge.net/tracker/?func=detail&aid=3309061&group_id=2712&atid=102712 http://www.openwall.com/lists/oss-security/2011/09/19/4 http://www.openwall.com/lists/oss-security/2011/09/22/1