Page 12 of 68 results (0.006 seconds)

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 1

The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the dissect_pdus and pduval_to_str functions. • https://www.exploit-db.com/exploits/874 http://anonsvn.ethereal.com/viewcvs/viewcvs.py?view=rev&rev=13707 http://marc.info/?l=bugtraq&m=111066805726551&w=2 http://security.lss.hr/index.php?page=details&ID=LSS-2005-03-05 http://www.debian.org/security/2005/dsa-718 http://www.ethereal.com/appnotes/enpa-sa-00018.html http://www.gentoo.org/security/en/glsa/glsa-200503-16.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:053 http://www.redhat.com/ • CWE-189: Numeric Errors •

CVSS: 7.5EPSS: 2%CPEs: 27EXPL: 3

Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values. • http://marc.info/?l=bugtraq&m=111038641832400&w=2 http://marc.info/?l=bugtraq&m=111083125521813&w=2 http://security.gentoo.org/glsa/glsa-200503-16.xml http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-03-04 http://www.ethereal.com/appnotes/enpa-sa-00018.html http://www.mandriva.com/security/advisories?name=MDKSA-2005:053 http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html http://www.redhat.com/support/errata/RHSA-2005-306.html& •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

The COPS dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (infinite loop). • http://secunia.com/advisories/13946 http://www.ciac.org/ciac/bulletins/p-106.shtml http://www.ethereal.com/appnotes/enpa-sa-00017.html http://www.gentoo.org/security/en/glsa/glsa-200501-27.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:013 http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html http://www.redhat.com/support/errata/RHSA-2005-011.html http://www.redhat.com/support/errata/RHSA-2005-037.html http://www.securityfocus& •

CVSS: 7.5EPSS: 3%CPEs: 38EXPL: 0

Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 allows remote attackers to execute arbitrary code via a crafted packet. • http://secunia.com/advisories/13946 http://www.ciac.org/ciac/bulletins/p-106.shtml http://www.debian.org/security/2005/dsa-653 http://www.ethereal.com/appnotes/enpa-sa-00017.html http://www.gentoo.org/security/en/glsa/glsa-200501-27.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:013 http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html http://www.redhat.com/support/errata/RHSA-2005-037.html http://www.securityfocus.com/bid •

CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0

Unknown vulnerability in the MMSE dissector in Ethereal 0.10.4 through 0.10.8 allows remote attackers to cause a denial of service by triggering a free of statically allocated memory. • http://secunia.com/advisories/13946 http://www.ciac.org/ciac/bulletins/p-106.shtml http://www.ethereal.com/appnotes/enpa-sa-00017.html http://www.gentoo.org/security/en/glsa/glsa-200501-27.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:013 http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html http://www.redhat.com/support/errata/RHSA-2005-011.html http://www.redhat.com/support/errata/RHSA-2005-037.html http://www.securityfocus& •