Cain & Abel HTTP sniffer filter buffer overflow
| cain-abel-http-filter-bo (19744) |  High Risk |
Description:
Cain & Abel is vulnerable to a buffer overflow, caused by improper bounds checking of user-supplied input in the HTTP sniffer filter. A remote attacker could exploit this vulnerability to overflow a buffer.
Platforms Affected:
- Massimiliano Montoro, Cain & Abel prior to 2.66
Remedy:
Upgrade to the latest version of Cain & Abel (2.66 or later), available from the Cain & Abel Web page. See References.
Consequences:
Gain Access
References:
- BugTraq Mailing List, Fri Mar 18 2005 - 05:06:09 CST , Cain & Abel PSK Sniffer Heap overflow at http://archives.neohapsis.com/archives/bugtraq/2005-03/0314.html.
- Cain & Abel Web page, oxid.it at http://www.oxid.it/cain.html.
- BID-12840: Massimiliano Montoro Cain & Abel PSK Sniffer Remote Heap Buffer Overflow Vulnerability
- CVE-2005-0807: Multiple buffer overflows in Cain & Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID field that is not properly handled by the PSK sniffer filter, (2) the HTTP sniffer filter, or the (3) POP3, (4) SMTP, (5) IMAP, (6) NNTP, or (7) TDS sniffer filters.
- SA14630: Cain & Abel IKE-PSK / HTTP Sniffer Buffer Overflow Vulnerabilities
- SECTRACK ID: 1013476: Cain Abel Buffer Overflow in PSK Sniffer Lets Remote Users Execute Arbitrary Code
Reported:
Mar 18, 2005
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net