Page 5 of 40 results (0.007 seconds)

CVSS: 5.0EPSS: 0%CPEs: 34EXPL: 1

Ethereal 0.10.10 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4. • http://www.securityfocus.com/archive/1/396930 http://www.securityfocus.com/bid/13391 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Unknown vulnerability in the sFlow dissector in Ethereal 0.9.14 through 0.10.9 allows remote attackers to cause a denial of service (application crash). • http://www.ethereal.com/appnotes/enpa-sa-00018.html http://www.gentoo.org/security/en/glsa/glsa-200503-16.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:053 http://www.securityfocus.com/bid/12762 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9866 https://access.redhat.com/security/cve/CVE-2005-0766 https://bugzilla.redhat.com/show_bug.cgi?id=1617580 •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 1

The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the dissect_pdus and pduval_to_str functions. • https://www.exploit-db.com/exploits/874 http://anonsvn.ethereal.com/viewcvs/viewcvs.py?view=rev&rev=13707 http://marc.info/?l=bugtraq&m=111066805726551&w=2 http://security.lss.hr/index.php?page=details&ID=LSS-2005-03-05 http://www.debian.org/security/2005/dsa-718 http://www.ethereal.com/appnotes/enpa-sa-00018.html http://www.gentoo.org/security/en/glsa/glsa-200503-16.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:053 http://www.redhat.com/ • CWE-189: Numeric Errors •

CVSS: 7.5EPSS: 3%CPEs: 38EXPL: 0

Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 allows remote attackers to execute arbitrary code via a crafted packet. • http://secunia.com/advisories/13946 http://www.ciac.org/ciac/bulletins/p-106.shtml http://www.debian.org/security/2005/dsa-653 http://www.ethereal.com/appnotes/enpa-sa-00017.html http://www.gentoo.org/security/en/glsa/glsa-200501-27.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:013 http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html http://www.redhat.com/support/errata/RHSA-2005-037.html http://www.securityfocus.com/bid •

CVSS: 7.5EPSS: 16%CPEs: 1EXPL: 0

The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference. El diseccionador Q.931 en Ethereal anteriores a 0.10.0 y Tethereal, permite a atacantes remotos causar una denegación de servicio (caída) mediante un Q.931 malformado, lo que dispara una desreferencia nula. • ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000801 http://secunia.com/advisories/10531 http://secunia.com/advisories/10568 http://secunia.com/advisories/10570 http://www.debian.org/security/2003/dsa-407 http://www.ethereal.com/appnotes/enpa-sa-00012.html http://www.mandriva.com/security/advisories?name=MDKSA-2004:002 • CWE-476: NULL Pointer Dereference •