Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2005-1461 | First vendor Publication | 2005-05-05 |
Vendor | Cve | Last vendor Modification | 2024-02-14 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (8) X.509, (9) ISIS, (10) DISTCC, (11) FCELS, (12) Q.931, (13) NCP, (14) TCAP, (15) ISUP, (16) MEGACO, (17) PKIX1Explitit, (18) PKIX_Qualified, (19) Presentation dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1461 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:9853 | |||
Oval ID: | oval:org.mitre.oval:def:9853 | ||
Title: | Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (8) X.509, (9) ISIS, (10) DISTCC, (11) FCELS, (12) Q.931, (13) NCP, (14) TCAP, (15) ISUP, (16) MEGACO, (17) PKIX1Explitit, (18) PKIX_Qualified, (19) Presentation dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. | ||
Description: | Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (8) X.509, (9) ISIS, (10) DISTCC, (11) FCELS, (12) Q.931, (13) NCP, (14) TCAP, (15) ISUP, (16) MEGACO, (17) PKIX1Explitit, (18) PKIX_Qualified, (19) Presentation dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1461 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2008-09-24 | Name : Gentoo Security Advisory GLSA 200505-03 (Ethereal) File : nvt/glsa_200505_03.nasl |
2008-09-04 | Name : FreeBSD Ports: ethereal*, tethereal* File : nvt/freebsd_ethereal5.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
16269 | Ethereal OCSP Dissector Remote Overflow Ethereal contains a flaw related to the OCSP dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16153 | Ethereal Presentation Dissector Remote Overflow Ethereal contains a flaw related to the Presentation dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16150 | Ethereal TCAP Dissector Unspecified Remote Overflow Ethereal contains a flaw related to the TCAP dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16147 | Ethereal ISUP Dissector Remote Overflow Ethereal contains a flaw related to the ISUP dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16141 | Ethereal NCP Dissector Remote Overflow Ethereal contains a flaw related to the NCP dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16137 | Ethereal MEGACO Dissector Remote Overflow Ethereal contains a flaw related to the MEGACO dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16133 | Ethereal Q.931 Dissector Remote Overflow Ethereal contains a flaw related to the Q.931 dissector that may allow an attacker to execute arbitrary code by freeing a null pointer and overflowing an unspecified buffer. No further details have been provided. |
16130 | Ethereal PKIX Qualified Dissector Remote Overflow Ethereal contains a flaw related to the PKIX Qualified dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16129 | Ethereal PKIX1Explitit Dissector Remote Overflow Ethereal contains a flaw related to the PKIX1Explitit dissector that may allow an attacker to execute arbitrary code by triggering an unspcified buffer overflow. No further details have been provided. |
16127 | Ethereal ESS Dissector Remote Overflow Ethereal contains a flaw related to the ESS dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16126 | Ethereal CRMF Dissector Remote Overflow Ethereal contains a flaw related to the CRMF dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16125 | Ethereal CMS Dissector Remote Overflow Ethereal contains a flaw related to the CMS dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16124 | Ethereal CMP Dissector Remote Overflow Ethereal contains a flaw related to the CMP dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16123 | Ethereal CMIP Dissector Remote Overflow Ethereal contains a flaw related to the CMIP dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16122 | Ethereal ISIS Dissector Remote Overflow Ethereal contains a flaw related to the ISIS dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16099 | Ethereal SIP Dissector Remote Overflow A remote overflow exists in Ethereal. The SIP dissector fails to validate user-supplied input in the cseq_method variable resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
16098 | Ethereal FCELS Dissector Remote Overflow A remote overflow exists in Ethereal. The FCELS dissector fails to validate unspecified input resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
16097 | Ethereal DISTCC Dissector Multiple Message Type Parsing Remote Overflow A remote overflow exists in Ethereal. The DISTCC dissector fails to validate argv, serr and sout messages resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Ethereal SIP UDP CSeq overflow attempt RuleID : 3678 - Revision : 7 - Type : EXPLOIT |
2014-01-10 | Ethereal SIP UDP CSeq overflow attempt RuleID : 3677 - Revision : 8 - Type : EXPLOIT |
2014-01-10 | SMB Trans unicode andx data displacement null pointer DOS attempt RuleID : 3650 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB Trans unicode data displacement null pointer DOS attempt RuleID : 3649 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB Trans data displacement null pointer DOS attempt RuleID : 3648 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB Trans andx data displacement null pointer DOS attempt RuleID : 3647 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS Trans unicode andx data displacement null pointer DOS attempt RuleID : 3646 - Revision : 4 - Type : NETBIOS |
2014-01-10 | SMB-DS Trans unicode data displacement null pointer DOS attempt RuleID : 3645 - Revision : 4 - Type : NETBIOS |
2014-01-10 | SMB-DS Trans data displacement null pointer DOS attempt RuleID : 3644 - Revision : 4 - Type : NETBIOS |
2014-01-10 | SMB-DS Trans andx data displacement null pointer DOS attempt RuleID : 3643 - Revision : 4 - Type : NETBIOS |
2014-01-10 | SMB Trans unicode andx data displacement null pointer DOS attempt RuleID : 3642 - Revision : 3 - Type : NETBIOS |
2014-01-10 | SMB Trans unicode data displacement null pointer DOS attempt RuleID : 3641 - Revision : 3 - Type : NETBIOS |
2014-01-10 | SMB Trans data displacement null pointer DOS attempt RuleID : 3640 - Revision : 3 - Type : NETBIOS |
2014-01-10 | SMB Trans andx data displacement null pointer DOS attempt RuleID : 3639 - Revision : 3 - Type : NETBIOS |
2014-01-10 | CSeq buffer overflow attempt RuleID : 16351 - Revision : 11 - Type : PROTOCOL-VOIP |
2014-01-10 | CSeq buffer overflow attempt RuleID : 11971 - Revision : 8 - Type : PROTOCOL-VOIP |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-427.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_76adaab0e4e311d9b8750001020eed82.nasl - Type : ACT_GATHER_INFO |
2005-05-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-427.nasl - Type : ACT_GATHER_INFO |
2005-05-11 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200505-03.nasl - Type : ACT_GATHER_INFO |
2005-05-11 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-083.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-14 13:28:31 |
|
2021-05-04 12:02:57 |
|
2021-04-22 01:03:11 |
|
2020-05-23 00:16:33 |
|
2017-10-11 09:23:31 |
|
2016-04-26 13:29:35 |
|
2014-02-17 10:31:19 |
|
2014-01-19 21:22:42 |
|
2013-05-11 11:25:45 |
|