CVE-2005-1470 – Ethereal 0.10.10 - 'dissect_ipc_state' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2005-1470
Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, (4) SMB, or (5) Bittorrent dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors. • https://www.exploit-db.com/exploits/984 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000963 http://www.ethereal.com/appnotes/enpa-sa-00019.html http://www.ethereal.com/news/item_20050504_01.html http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html http://www.redhat.com/support/errata/RHSA-2005-427.html http://www.securityfocus.com/bid/13504 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11804 https: •
CVE-2005-1281
https://notcve.org/view.php?id=CVE-2005-1281
Ethereal 0.10.10 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4. • http://www.securityfocus.com/archive/1/396930 http://www.securityfocus.com/bid/13391 •
CVE-2005-0766
https://notcve.org/view.php?id=CVE-2005-0766
Unknown vulnerability in the sFlow dissector in Ethereal 0.9.14 through 0.10.9 allows remote attackers to cause a denial of service (application crash). • http://www.ethereal.com/appnotes/enpa-sa-00018.html http://www.gentoo.org/security/en/glsa/glsa-200503-16.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:053 http://www.securityfocus.com/bid/12762 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9866 https://access.redhat.com/security/cve/CVE-2005-0766 https://bugzilla.redhat.com/show_bug.cgi?id=1617580 •
CVE-2005-0739 – Ethereal 0.10.9 (Windows) - '3G-A11' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-0739
The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the dissect_pdus and pduval_to_str functions. • https://www.exploit-db.com/exploits/874 http://anonsvn.ethereal.com/viewcvs/viewcvs.py?view=rev&rev=13707 http://marc.info/?l=bugtraq&m=111066805726551&w=2 http://security.lss.hr/index.php?page=details&ID=LSS-2005-03-05 http://www.debian.org/security/2005/dsa-718 http://www.ethereal.com/appnotes/enpa-sa-00018.html http://www.gentoo.org/security/en/glsa/glsa-200503-16.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:053 http://www.redhat.com/ • CWE-189: Numeric Errors •
CVE-2005-0084
https://notcve.org/view.php?id=CVE-2005-0084
Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 allows remote attackers to execute arbitrary code via a crafted packet. • http://secunia.com/advisories/13946 http://www.ciac.org/ciac/bulletins/p-106.shtml http://www.debian.org/security/2005/dsa-653 http://www.ethereal.com/appnotes/enpa-sa-00017.html http://www.gentoo.org/security/en/glsa/glsa-200501-27.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:013 http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html http://www.redhat.com/support/errata/RHSA-2005-037.html http://www.securityfocus.com/bid •