Ethereal it-was-0day remote buffer overflow

DownBload

Ethereal it-was-0day remote buffer overflow, 09.03.2005 at 16:59
A few days ago the LSS Security team published a remote buffer overflow
vulnerability in the Ethereal sniffer.
Below are the URLs for the advisory and a small addon (which sunnis
prompted me to write ;):

Advisory:
http://www.securityfocus.com/a...392659/2005-03-06/2005-03-12/0
addon:
http://www.securityfocus.com/a...392720/2005-03-06/2005-03-12/0

Original advisory:
http://security.lss.hr/index.p...=details&ID=LSS-2005-03-04

You can take this advisory as an "exploitation challenge" :)))

Regards...
Leon Juranic
 
EArthquake

Re: Ethereal it-was-0day remote buffer overflow, 09.03.2005 at 22:21
http://www.securityfocus.com/a...392722/2005-03-06/2005-03-12/0
and what is this, huh?

don't tell me now that you didn't know about this

just kidding, of course

 
DownBload

Re: Ethereal it-was-0day remote buffer overflow, 10.03.2005 at 00:08
Quote:
EArthquake: http://www.securityfocus.com/a...392722/2005-03-06/2005-03-12/0
and what is this, huh?

don't tell me now that you didn't know about this

just kidding, of course


I hope you're not calling me to order....
That's some guy who discovered the bug independently of me and reported it
to the developers first, and now he's angry because I was the first to send it to Bugtraq.
I replied to that mail of his, but you won't see that post on Bugtraq until
tomorrow, so here it is now, copy-pasted:

From me ........
---------------------------------------------------------------------------
Hi folks,

>>Diego Giagio
>This vulnerability was first discovered by me, on 01/Mar/2005.
> The vendor was immediately contacted, as you can see below:
>
>http://marc.theaimsgroup.com/?...&m=110973103628823&w=2
>http://marc.theaimsgroup.com/?...&m=110973731214683&w=2
>

Sorry, but I've discovered that Ethereal bug more than three weeks ago,
and developers were contacted few days ago (7/Mar/2005).
They said that vulnerability is already known to them, bug is fixed,
and that new version will be out during this week.
After that, advisory was sent to Bugtraq :).

I've never seen that URL before Ethereal developers pointed me to
the first one. Even if I had seen that URL before, in your post
mentioned before you've just said that there is some vulnerability in
Ethereal, and that exploit is developed as PoC, so how could I steal
anything from you???

Diego, please stop sending mails to LSS Security that we've
*STOLED* that bug from you because that is silly, and because
I would never do something like that.


If you don't believe me, here is mail transcript between me and Ethereal
developers related to this bugreport:
-----------------------------------------------------------
Leon Juranic wrote:
>>
>>> Hi,
>>>
>>> During our audit of Ethereal, we have discovered stack buffer overflow
>>> vulnerability in packet-3g-a11.c dissector that can be exploited remotely.
>>> More information and a PoC exploit are attached.
>>> We will release this advisory in the next few days.
>>> Is that ok with you?
>>

Richard Sharpe wrote:
>> Can you wait a few more days please.
>>
>> We have a release occurring this week to fix another security problem, so
>> we would like a chance to roll this one in as well.
>

Guy Harris wrote:
> From a quick look, it appears that, unless I've missed something, this one
> *is* the other security problem.
>
> Leon, you might want to look at the current SVN version of packet-3g-a11.c -
> in particular, this change:
>
> http://anonsvn.ethereal.com/viewcvs/viewcvs.py/trunk/epan/
> dissectors/packet-3g-a11.c?rev=13574&r1=13562&r2=13574
>
> (which cleans up some other potential problems). Buildbot builds (Windows
> binaries and source tarballs) can be found at
>
> http://netmirror.org/mirror/ftp.ethereal.com/buildbot-builds/
>
> (avoiding the trans-Atlantic hop that the main Ethereal site would require) -
> get a version with a number >= 13574.
>

Guy Harris wrote:
>
>> BTW: Who notified you about that vulnerability,
>> Diego Giagio
>
>> and when?
>> A few days ago:
>
> http://www.ethereal.com/lists/ethereal-dev/200503/msg00023.html
>> and later private mail giving details.
>
-----------------------------------------------------------


Regards,
------------------------------------------
Leon Juranic, LSS Security
http://security.lss.hr

"Born under the lucky star magical,
but on this world generally tragical".
- Djole
Leon Juranic
 
EArthquake

Re: Ethereal it-was-0day remote buffer overflow, 10.03.2005 at 14:46
you didn't take me seriously, did you

of course I never thought for a moment that you stole anything

how could you even have found out

I can imagine how annoyed you got when you saw the post from this Diego or whatever his name is :)

and what, you say they were sending mails to lss saying that you stole it
what people



 
DownBload

Re: Ethereal it-was-0day remote buffer overflow, 10.03.2005 at 15:21
Quote:
EArthquake: you didn't take me seriously, did you

of course I never thought for a moment that you stole anything

how could you even have found out

I can imagine how annoyed you got when you saw the post from this Diego or whatever his name is :)

and what, you say they were sending mails to lss saying that you stole it
what people


Nah, I didn't take anything seriously :) I just posted what this is all about :)
I didn't get too annoyed at Diego.... it was practically all the same to me because
I had already published the bug :)

Regards...
Leon Juranic
 