Page 2 of 20 results (0.006 seconds)

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 1

The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the dissect_pdus and pduval_to_str functions. • https://www.exploit-db.com/exploits/874 http://anonsvn.ethereal.com/viewcvs/viewcvs.py?view=rev&rev=13707 http://marc.info/?l=bugtraq&m=111066805726551&w=2 http://security.lss.hr/index.php?page=details&ID=LSS-2005-03-05 http://www.debian.org/security/2005/dsa-718 http://www.ethereal.com/appnotes/enpa-sa-00018.html http://www.gentoo.org/security/en/glsa/glsa-200503-16.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:053 http://www.redhat.com/ • CWE-189: Numeric Errors •

CVSS: 7.5EPSS: 16%CPEs: 1EXPL: 0

The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference. El diseccionador Q.931 en Ethereal anteriores a 0.10.0 y Tethereal, permite a atacantes remotos causar una denegación de servicio (caída) mediante un Q.931 malformado, lo que dispara una desreferencia nula. • ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000801 http://secunia.com/advisories/10531 http://secunia.com/advisories/10568 http://secunia.com/advisories/10570 http://www.debian.org/security/2003/dsa-407 http://www.ethereal.com/appnotes/enpa-sa-00012.html http://www.mandriva.com/security/advisories?name=MDKSA-2004:002 • CWE-476: NULL Pointer Dereference •

CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 0

Unknown vulnerability in the DCERPC (DCE/RPC) dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (memory consumption) via a certain NDR string. Vulnerabilidad desconocida en el diseccionador de DCERPC en Ethereal 0.9.12 y anteriores permite a atacantes remotos causar una denegación de servicio (consumición de memoria) mediante una cierta cadena NDR. • ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-030.0.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000662 http://secunia.com/advisories/9007 http://www.debian.org/security/2003/dsa-324 http://www.ethereal.com/appnotes/enpa-sa-00010.html http://www.kb.cert.org/vuls/id/542540 http://www.redhat.com/support/errata/RHSA-2003-077.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A75 https://access.redhat.com/ •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

The SPNEGO dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (crash) via an invalid ASN.1 value. El examinador de SPNEGO en Ethereal 0.9.12 y anteriores permite a atacantes remotos causar una denegación de servicio (caída) mediante un valor ASN.1 inválido. • ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-030.0.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000662 http://secunia.com/advisories/9007 http://www.ethereal.com/appnotes/enpa-sa-00010.html http://www.redhat.com/support/errata/RHSA-2003-077.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A88 https://access.redhat.com/security/cve/CVE-2003-0430 https://bugzilla.redhat.com/show_bug.cgi?id=1617029 •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences. La función tvb_get_nstringz0 en Ethereal 0.9.12 y anteriores no maneja adecuadamente un búfer de tamaño cero, con consecuencias desconocidas. • ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-030.0.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000662 http://secunia.com/advisories/9007 http://www.debian.org/security/2003/dsa-324 http://www.ethereal.com/appnotes/enpa-sa-00010.html http://www.redhat.com/support/errata/RHSA-2003-077.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A101 https://access.redhat.com/security/cve/CVE-2003-0431 https://bugzilla&# •