CVE-2011-3369

Name of the Vulnerable Software and Affected Versions EtherApe versions prior to 0.9.12

Description The issue allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and application crash, via an RPC packet. This is related to the get rpc function in decode proto.c and the add conversation function in conversations.c.

Recommendations For versions prior to 0.9.12, update to version 0.9.12 or later to resolve the issue. As a temporary workaround, consider restricting access to the RPC functionality to minimize the risk of exploitation.