CVSS: 10.0EPSS: 6%CPEs: 1EXPL: 0CVE-2003-0356
https://notcve.org/view.php?id=CVE-2003-0356
Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) AIM, (2) GIOP Gryphon, (3) OSPF, (4) PPTP, (5) Quake, (6) Quake2, (7) Quake3, (8) Rsync, (9) SMB, (10) SMPP, and (11) TSP dissectors, which do not properly use the tvb_get_nstringz and tvb_get_nstringz0 functions. Múltiples vulnerabilidades off-by-one en Ethereal 0.9.11 y anteriores permiten que atacantes remotos provoquen una denegación de servicio y posiblemente ejecuten código arbitrario mediante disectores (1) AIM, (2) GIOP Gryphon, (3) OSPF, (4) PPTP, (5) Quake, (6) Quake2, (7) Quake3, (8) Rsync, (9) SMB, (10) SMPP, y (11) TSP, ya que no están usando apropiadamente las funciones tvb_get_nstringz y tvb_get_nstringz0. • http://www.debian.org/security/2003/dsa-313 http://www.ethereal.com/appnotes/enpa-sa-00009.html http://www.kb.cert.org/vuls/id/641013 http://www.mandriva.com/security/advisories?name=MDKSA-2003:067 http://www.redhat.com/support/errata/RHSA-2003-077.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A69 https://access.redhat.com/security/cve/CVE-2003-0356 https://bugzilla.redhat.com/show_bug.cgi?id=1617020 • CWE-193: Off-by-one Error •
CVSS: 7.5EPSS: 9%CPEs: 1EXPL: 0CVE-2003-0357
https://notcve.org/view.php?id=CVE-2003-0357
Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors. Múltiples vulnerabilidades de desbordamiento de búfer en Ethereal 0.9.11 y anteriores permiten que atacantes remotos provoquen una denegación de servicio y posiblemente ejecuten código arbitrario mediante los disectores (1) Mount y (2) PPP • http://rhn.redhat.com/errata/RHSA-2003-077.html http://www.debian.org/security/2003/dsa-313 http://www.ethereal.com/appnotes/enpa-sa-00009.html http://www.kb.cert.org/vuls/id/232164 http://www.kb.cert.org/vuls/id/361700 http://www.mandriva.com/security/advisories?name=MDKSA-2003:067 http://www.securityfocus.com/bid/7494 http://www.securityfocus.com/bid/7495 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A73 https://access& •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2002-0834
https://notcve.org/view.php?id=CVE-2002-0834
Buffer overflow in the ISIS dissector for Ethereal 0.9.5 and earlier allows remote attackers to cause a denial of service or execute arbitrary code via malformed packets. Desbordamiento de búfer en el disector ISIS para Ethereal 0.9.5 y anteriores permite a atacantes remotos causar una denegación de servicio o ejecutar código arbitrario mediante paquetes malformados. • http://www.ethereal.com/appnotes/enpa-sa-00006.html https://access.redhat.com/security/cve/CVE-2002-0834 https://bugzilla.redhat.com/show_bug.cgi?id=1616817 •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2002-0403
https://notcve.org/view.php?id=CVE-2002-0403
DNS dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet that causes Ethereal to enter an infinite loop. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-037.0.txt http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000505 http://marc.info/?l=bugtraq&m=102268626526119&w=2 http://www.debian.org/security/2002/dsa-130 http://www.ethereal.com/appnotes/enpa-sa-00004.html http://www.iss.net/security_center/static/9205.php http://www.redhat.com/support/errata/RHSA-2002-036.html http://www.redhat.com/support/errata/RHSA-2002-088.html http://www.redhat.com/su •
CVSS: 7.5EPSS: 2%CPEs: 4EXPL: 0CVE-2002-0402
https://notcve.org/view.php?id=CVE-2002-0402
Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code while Ethereal is parsing keysyms. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-037.0.txt http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000505 http://marc.info/?l=bugtraq&m=102268626526119&w=2 http://www.debian.org/security/2002/dsa-130 http://www.ethereal.com/appnotes/enpa-sa-00004.html http://www.iss.net/security_center/static/9203.php http://www.redhat.com/support/errata/RHSA-2002-036.html http://www.redhat.com/support/errata/RHSA-2002-088.html http://www.redhat.com/su •