Page 2 of 20 results (0.007 seconds)

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 1

CVE-2005-0739 – Ethereal 0.10.9 (Windows) - '3G-A11' Remote Buffer Overflow

https://notcve.org/view.php?id=CVE-2005-0739

The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the dissect_pdus and pduval_to_str functions. • https://www.exploit-db.com/exploits/874 http://anonsvn.ethereal.com/viewcvs/viewcvs.py?view=rev&rev=13707 http://marc.info/?l=bugtraq&m=111066805726551&w=2 http://security.lss.hr/index.php?page=details&ID=LSS-2005-03-05 http://www.debian.org/security/2005/dsa-718 http://www.ethereal.com/appnotes/enpa-sa-00018.html http://www.gentoo.org/security/en/glsa/glsa-200503-16.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:053 http://www.redhat.com/ • CWE-189: Numeric Errors •

CVSS: 7.5EPSS: 16%CPEs: 1EXPL: 0

CVE-2003-1013

https://notcve.org/view.php?id=CVE-2003-1013

The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference. El diseccionador Q.931 en Ethereal anteriores a 0.10.0 y Tethereal, permite a atacantes remotos causar una denegación de servicio (caída) mediante un Q.931 malformado, lo que dispara una desreferencia nula. • ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000801 http://secunia.com/advisories/10531 http://secunia.com/advisories/10568 http://secunia.com/advisories/10570 http://www.debian.org/security/2003/dsa-407 http://www.ethereal.com/appnotes/enpa-sa-00012.html http://www.mandriva.com/security/advisories?name=MDKSA-2004:002 • CWE-476: NULL Pointer Dereference •

CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 0

CVE-2003-0428

https://notcve.org/view.php?id=CVE-2003-0428

Unknown vulnerability in the DCERPC (DCE/RPC) dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (memory consumption) via a certain NDR string. Vulnerabilidad desconocida en el diseccionador de DCERPC en Ethereal 0.9.12 y anteriores permite a atacantes remotos causar una denegación de servicio (consumición de memoria) mediante una cierta cadena NDR. • ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-030.0.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000662 http://secunia.com/advisories/9007 http://www.debian.org/security/2003/dsa-324 http://www.ethereal.com/appnotes/enpa-sa-00010.html http://www.kb.cert.org/vuls/id/542540 http://www.redhat.com/support/errata/RHSA-2003-077.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A75 https://access.redhat.com/ •

CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0

CVE-2003-0429

https://notcve.org/view.php?id=CVE-2003-0429

The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via invalid IPv4 or IPv6 prefix lengths, possibly triggering a buffer overflow. El examinador OSI en Ethereal 0.9.12 y anteriores permite atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario mediante longitudes de prefijos IPv4 o IPv6 inválidas, posiblemente disparando un desbordamiento de búfer. • ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-030.0.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000662 http://secunia.com/advisories/9007 http://www.debian.org/security/2003/dsa-324 http://www.ethereal.com/appnotes/enpa-sa-00010.html http://www.redhat.com/support/errata/RHSA-2003-077.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A84 https://access.redhat.com/security/cve/CVE-2003-0429 https://bugzilla •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2003-0430

https://notcve.org/view.php?id=CVE-2003-0430

The SPNEGO dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (crash) via an invalid ASN.1 value. El examinador de SPNEGO en Ethereal 0.9.12 y anteriores permite a atacantes remotos causar una denegación de servicio (caída) mediante un valor ASN.1 inválido. • ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-030.0.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000662 http://secunia.com/advisories/9007 http://www.ethereal.com/appnotes/enpa-sa-00010.html http://www.redhat.com/support/errata/RHSA-2003-077.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A88 https://access.redhat.com/security/cve/CVE-2003-0430 https://bugzilla.redhat.com/show_bug.cgi?id=1617029 •