CVE-2002-1356

Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.9.7 and earlier

Description: The issue allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed packets to the (1) LMP, (2) PPP, or (3) TDS dissectors. This could be related to a missing field for EndVerifyAck messages.

Recommendations: For Ethereal versions 0.9.7 and earlier, consider disabling the LMP, PPP, or TDS dissectors as a temporary workaround until a patch is available. Restrict access to these dissectors to minimize the risk of exploitation.