Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2005-2367 | First vendor Publication | 2005-08-10 |
Vendor | Cve | Last vendor Modification | 2024-02-14 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Format string vulnerability in the proto_item_set_text function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2367 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10765 | |||
Oval ID: | oval:org.mitre.oval:def:10765 | ||
Title: | Format string vulnerability in the proto_item_set_text function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet. | ||
Description: | Format string vulnerability in the proto_item_set_text function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-2367 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for ethereal File : nvt/sles9p5015871.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200507-27 (Ethereal) File : nvt/glsa_200507_27.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 853-1 (ethereal) File : nvt/deb_853_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
18670 | Ethereal AFP Protocol Dissector Remote Format String Ethereal contains a format string flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when unchecked data is passed to proto_item_set_text() which uses formats. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity. |
18388 | Ethereal Multiple Unspecified Dissector Format String Overflow Ethereal contains an unspecified format string flaw related to several dissectors that may allow an attacker to execute arbitrary code. No further details have been provided. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-687.nasl - Type : ACT_GATHER_INFO |
2005-10-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-853.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-131.nasl - Type : ACT_GATHER_INFO |
2005-08-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-687.nasl - Type : ACT_GATHER_INFO |
2005-07-31 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-651.nasl - Type : ACT_GATHER_INFO |
2005-07-31 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-655.nasl - Type : ACT_GATHER_INFO |
2005-07-31 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200507-27.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-14 13:28:30 |
|
2021-05-04 12:03:05 |
|
2021-04-22 01:03:21 |
|
2020-05-23 00:16:43 |
|
2017-10-11 09:23:33 |
|
2016-04-26 13:41:21 |
|
2014-02-17 10:32:13 |
|
2013-05-11 11:29:02 |
|