Executive Summary
Summary | |
---|---|
Title | ethereal security update |
Information | |||
---|---|---|---|
Name | RHSA-2005:427 | First vendor Publication | 2005-05-24 |
Vendor | RedHat | Last vendor Modification | 2005-05-24 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
Problem Description:

Updated Ethereal packages that fix various security vulnerabilities are now available.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

The ethereal package is a program for monitoring network traffic.

A number of security flaws have been discovered in Ethereal. On a system where Ethereal is running, a remote attacker could send malicious packets to trigger these flaws and cause Ethereal to crash or potentially execute arbitrary code.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-1456, CAN-2005-1457, CAN-2005-1458, CAN-2005-1459, CAN-2005-1460, CAN-2005-1461, CAN-2005-1462, CAN-2005-1463, CAN-2005-1464, CAN-2005-1465, CAN-2005-1466, CAN-2005-1467, CAN-2005-1468, CAN-2005-1469, and CAN-2005-1470 to these issues.

Users of ethereal should upgrade to these updated packages, which contain version 0.10.11 which is not vulnerable to these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

156911 - multiple ethereal security issues
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2005-427.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10049 | |||
Oval ID: | oval:org.mitre.oval:def:10049 | ||
Title: | Multiple unknown vulnerabilities in the (1) WSP, (2) Q.931, (3) H.245, (4) KINK, (5) MGCP, (6) RPC, (7) SMBMailslot, and (8) SMB NETLOGON dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) via unknown vectors that lead to a null dereference. | ||
Description: | Multiple unknown vulnerabilities in the (1) WSP, (2) Q.931, (3) H.245, (4) KINK, (5) MGCP, (6) RPC, (7) SMBMailslot, and (8) SMB NETLOGON dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) via unknown vectors that lead to a null dereference. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1468 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:10224 | |||
Oval ID: | oval:org.mitre.oval:def:10224 | ||
Title: | Unknown vulnerability in the NCP dissector in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (long loop). | ||
Description: | Unknown vulnerability in the NCP dissector in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (long loop). | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1465 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:10713 | |||
Oval ID: | oval:org.mitre.oval:def:10713 | ||
Title: | Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A dissectors in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code. | ||
Description: | Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A dissectors in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1463 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:11024 | |||
Oval ID: | oval:org.mitre.oval:def:11024 | ||
Title: | Unknown vulnerability in the DICOM dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (large memory allocation) via unknown vectors. | ||
Description: | Unknown vulnerability in the DICOM dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (large memory allocation) via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1466 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:11348 | |||
Oval ID: | oval:org.mitre.oval:def:11348 | ||
Title: | Multiple unknown "other problems" in the KINK dissector in Ethereal before 0.10.11 have unknown impact and attack vectors. | ||
Description: | Multiple unknown "other problems" in the KINK dissector in Ethereal before 0.10.11 have unknown impact and attack vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1458 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:11494 | |||
Oval ID: | oval:org.mitre.oval:def:11494 | ||
Title: | Multiple unknown vulnerabilities in the (1) WSP, (2) BER, (3) SMB, (4) NDPS, (5) IAX2, (6) RADIUS, (7) TCAP, (8) MRDISC, (9) 802.3 Slow, (10) SMBMailslot, or (11) SMB PIPE dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (assert error). | ||
Description: | Multiple unknown vulnerabilities in the (1) WSP, (2) BER, (3) SMB, (4) NDPS, (5) IAX2, (6) RADIUS, (7) TCAP, (8) MRDISC, (9) 802.3 Slow, (10) SMBMailslot, or (11) SMB PIPE dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (assert error). | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1459 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:11804 | |||
Oval ID: | oval:org.mitre.oval:def:11804 | ||
Title: | Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, (4) SMB, or (5) Bittorrent dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors. | ||
Description: | Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, (4) SMB, or (5) Bittorrent dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1470 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:9534 | |||
Oval ID: | oval:org.mitre.oval:def:9534 | ||
Title: | Multiple unknown vulnerabilities in the (1) KINK, (2) L2TP, (3) MGCP, (4) EIGRP, (5) DLSw, (6) MEGACO, (7) LMP, and (8) RSVP dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (infinite loop). | ||
Description: | Multiple unknown vulnerabilities in the (1) KINK, (2) L2TP, (3) MGCP, (4) EIGRP, (5) DLSw, (6) MEGACO, (7) LMP, and (8) RSVP dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (infinite loop). | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1464 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:9598 | |||
Oval ID: | oval:org.mitre.oval:def:9598 | ||
Title: | Unknown vulnerability in the GSM dissector in Ethereal before 0.10.11 allows remote attackers to cause the dissector to access an invalid pointer. | ||
Description: | Unknown vulnerability in the GSM dissector in Ethereal before 0.10.11 allows remote attackers to cause the dissector to access an invalid pointer. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1469 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:9654 | |||
Oval ID: | oval:org.mitre.oval:def:9654 | ||
Title: | Unknown vulnerability in the NDPS dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (memory exhaustion) via unknown vectors. | ||
Description: | Unknown vulnerability in the NDPS dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (memory exhaustion) via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1467 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:9700 | |||
Oval ID: | oval:org.mitre.oval:def:9700 | ||
Title: | Multiple unknown vulnerabilities in the (1) DHCP and (2) Telnet dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (abort). | ||
Description: | Multiple unknown vulnerabilities in the (1) DHCP and (2) Telnet dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (abort). | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1456 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:9713 | |||
Oval ID: | oval:org.mitre.oval:def:9713 | ||
Title: | Double free vulnerability in the ICEP dissector in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code. | ||
Description: | Double free vulnerability in the ICEP dissector in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1462 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:9825 | |||
Oval ID: | oval:org.mitre.oval:def:9825 | ||
Title: | Multiple unknown vulnerabilities in the (1) AIM, (2) LDAP, (3) FibreChannel, (4) GSM_MAP, (5) SRVLOC, and (6) NTLMSSP dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash). | ||
Description: | Multiple unknown vulnerabilities in the (1) AIM, (2) LDAP, (3) FibreChannel, (4) GSM_MAP, (5) SRVLOC, and (6) NTLMSSP dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash). | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1457 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:9853 | |||
Oval ID: | oval:org.mitre.oval:def:9853 | ||
Title: | Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (8) X.509, (9) ISIS, (10) DISTCC, (11) FCELS, (12) Q.931, (13) NCP, (14) TCAP, (15) ISUP, (16) MEGACO, (17) PKIX1Explitit, (18) PKIX_Qualified, (19) Presentation dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. | ||
Description: | Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (8) X.509, (9) ISIS, (10) DISTCC, (11) FCELS, (12) Q.931, (13) NCP, (14) TCAP, (15) ISUP, (16) MEGACO, (17) PKIX1Explitit, (18) PKIX_Qualified, (19) Presentation dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1461 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:9970 | |||
Oval ID: | oval:org.mitre.oval:def:9970 | ||
Title: | Multiple unknown dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (assert error) via an invalid protocol tree item length. | ||
Description: | Multiple unknown dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (assert error) via an invalid protocol tree item length. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1460 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
OpenVAS Exploits
Date | Description |
---|---|
2008-09-24 | Name : Gentoo Security Advisory GLSA 200505-03 (Ethereal) File : nvt/glsa_200505_03.nasl |
2008-09-04 | Name : FreeBSD Ports: ethereal*, tethereal* File : nvt/freebsd_ethereal5.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
16269 | Ethereal OCSP Dissector Remote Overflow Ethereal contains a flaw related to the OCSP dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16153 | Ethereal Presentation Dissector Remote Overflow Ethereal contains a flaw related to the Presentation dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16152 | Ethereal NTLMSSP Dissector Unspecified Remote DoS Ethereal contains a flaw related to the NTLMSSP dissector that may allow an attacker to cause a denial of service. No further details have been provided. |
16151 | Ethereal TCAP Dissector Unspecified DoS Ethereal contains a flaw related to the TCAP dissector that may allow an attacker to cause a denial of service. No further details have been provided. |
16150 | Ethereal TCAP Dissector Unspecified Remote Overflow Ethereal contains a flaw related to the TCAP dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16149 | Ethereal LDAP Dissector Unspecified Remote DoS Ethereal contains a flaw related to the LDAP dissector that may allow an attacker to cause a denial of service. No further details have been provided. |
16148 | Ethereal ISUP Dissector Unspecified Remote DoS Ethereal contains a flaw related to the ISUP dissector that may allow an attacker to cause a denial of service by triggering a segmentation fault. No further details have been provided. |
16147 | Ethereal ISUP Dissector Remote Overflow Ethereal contains a flaw related to the ISUP dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16146 | Ethereal MRDISC Dissector Unspecified Remote DoS Ethereal contains a flaw related to the MRDISC dissector that may allow an attacker to cause a denial of service. No further details have been provided. |
16145 | Ethereal L2TP Dissector Infinite Loop Remote DoS Ethereal contains a flaw related to the L2TP dissector that may allow an attacker to cause a denial of service by triggering an infinite loop. No further details have been provided. |
16144 | Ethereal GSM Dissector Invalid Pointer Remote DoS Ethereal contains a flaw related to the GSM dissector that may allow an attacker to cause a denial of service by accessing an invalid pointer. No further details have been provided. |
16143 | Ethereal RADIUS Dissector Unspecified Remote DoS Ethereal contains a flaw related to the RADIUS dissector that may allow an attacker to cause a denial of service. No further details have been provided. |
16142 | Ethereal NCP Dissector Infinite Loop Remote DoS Ethereal contains a flaw related to the NCP dissector that may allow an attacker to cause a denial of service by triggering an infinite loop. No further details have been provided. |
16141 | Ethereal NCP Dissector Remote Overflow Ethereal contains a flaw related to the NCP dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16140 | Ethereal RPC Dissector Null Pointer Remote DoS Ethereal contains a flaw related to the RPC dissector that may allow an attacker to cause a denial of service by triggering a null pointer exception. No further details have been provided. |
16139 | Ethereal DLSw Dissector Infinite Loop Remote DoS Ethereal contains a flaw related to the DLSw dissector that may allow an attacker to cause a denial of service by triggering an infinite loop. No further details have been provided. |
16138 | Ethereal MEGACO Dissector Infinite Loop Remote DoS Ethereal contains a flaw related to the MEGACO dissector that may allow an attacker to cause a denial of service by triggering an infinite loop. No further details have been provided. |
16137 | Ethereal MEGACO Dissector Remote Overflow Ethereal contains a flaw related to the MEGACO dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16136 | Ethereal ICEP Dissector Double-free Remote DoS Ethereal contains a flaw related to the ICEP dissector that may allow an attacker to cause a denial of service by freeing the same memory twice. No further details have been provided. |
16135 | Ethereal IAX2 Dissector Unspecified Remote DoS Ethereal contains a flaw related to the IAX2 dissector that may allow an attacker to cause a denial of service by triggering an assertion. No further details have been provided. |
16134 | Ethereal Q.931 Dissector Remote Null Pointer DoS Ethereal contains a flaw related to the Q.931 dissector that may allow an attacker to cause a denial of service. No further details have been provided. |
16133 | Ethereal Q.931 Dissector Remote Overflow Ethereal contains a flaw related to the Q.931 dissector that may allow an attacker to execute arbitrary code by freeing a null pointer and overflowing an unspecified buffer. No further details have been provided. |
16132 | Ethereal NDPS Dissector Multiple Method Remote DoS Ethereal contains flaws related to the NDPS dissector that may allow an attacker to cause a denial of service by exhausting system memory, or causing an assertion, or crash. No further details have been provided. |
16130 | Ethereal PKIX Qualified Dissector Remote Overflow Ethereal contains a flaw related to the PKIX Qualified dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16129 | Ethereal PKIX1Explitit Dissector Remote Overflow Ethereal contains a flaw related to the PKIX1Explitit dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16127 | Ethereal ESS Dissector Remote Overflow Ethereal contains a flaw related to the ESS dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16126 | Ethereal CRMF Dissector Remote Overflow Ethereal contains a flaw related to the CRMF dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16125 | Ethereal CMS Dissector Remote Overflow Ethereal contains a flaw related to the CMS dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16124 | Ethereal CMP Dissector Remote Overflow Ethereal contains a flaw related to the CMP dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16123 | Ethereal CMIP Dissector Remote Overflow Ethereal contains a flaw related to the CMIP dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16122 | Ethereal ISIS Dissector Remote Overflow Ethereal contains a flaw related to the ISIS dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided. |
16121 | Ethereal EIGRP Dissector Infinite Loop Remote DoS Ethereal contains a flaw related to the EIGRP dissector that may allow an attacker to cause a denial of service by triggering an infinite loop. No further details have been provided. |
16120 | Ethereal SRVLOC Dissector Multiple Method Remote DoS Ethereal contains a flaw related to the SRVLOC dissector that may allow an attacker to cause a denial of service by triggering a crash or infinite loop. No further details have been provided. |
16119 | Ethereal DHCP Dissector Remote Format String Ethereal contains an unspecified format string flaw related to the DHCP dissector that may allow an attacker to execute arbitrary code. No further details have been provided. |
16118 | Ethereal RSVP Dissector Unspecified Remote DoS Ethereal contains a flaw related to the RSVP dissector that may allow an attacker to cause a denial of service. No further details have been provided. |
16117 | Ethereal MGCP Dissector Multiple Method Remote DoS Ethereal contains a flaw related to the MGCP dissector that may allow an attacker to cause a denial of service by triggering a null pointer exception, infinite loop or segmentation fault. No further details have been provided. |
16116 | Ethereal DICOM Dissector Memory Exhaustion Remote DoS Ethereal contains a flaw related to the DICOM dissector that may allow an attacker to cause a denial of service by allocating large amounts of memory. No further details have been provided. |
16115 | Ethereal Fibre Channel Dissector Unspecified Remote DoS Ethereal contains a flaw related to the Fibre Channel dissector that may allow an attacker to cause a denial of service. No further details have been provided. |
16114 | Ethereal Bittorrent Dissector Unspecified Remote DoS Ethereal contains a flaw related to the Bittorrent dissector that may allow an attacker to cause a denial of service by triggering a segmentation fault. No further details have been provided. |
16113 | Ethereal H.245 Dissector Null Pointer Exception DoS Ethereal contains a flaw related to the H.245 dissector that may allow an attacker to cause a denial of service by triggering a null pointer exception. No further details have been provided. |
16112 | Ethereal SMB Dissector Unspecified Remote DoS Ethereal contains a flaw related to the SMB dissector that may allow an attacker to cause a denial of service by triggering unspecified assertions. No further details have been provided. |
16111 | Ethereal SMB Dissector dissect_ipc_state() Malformed Packet DoS Ethereal contains a flaw that may allow a remote denial of service. The issue is triggered when a malformed UDP packet is handled by the dissect_ipc_state() function, and will result in loss of availability for the application. |
16110 | Ethereal SMB PIPE Dissector Unspecified Remote DoS Ethereal contains a flaw related to the SMB PIPE dissector that may allow an attacker to cause a denial of service. No further details have been provided. |
16109 | Ethereal SMB Mailslot Dissector Multiple Method DoS Ethereal contains flaws that may allow a remote denial of service. The issue is triggered by unspecified flaws in the SMB Mailslot dissector which can cause null pointer exceptions or assertions, and will result in loss of availability for the application. |
16108 | Ethereal SMB NETLOGON Dissector Null Pointer Dereference DoS Ethereal contains a flaw related to the SMB NETLOGON dissector that may allow an attacker to cause a denial of service. No further details have been provided. |
16107 | Ethereal BER Dissector Unspecified Remote DoS Ethereal contains a flaw related to the BER dissector that may allow an attacker to cause a denial of service by triggering an assertion. No further details have been provided. |
16106 | Ethereal 802.3 Slow Protocol Dissector Unspecified DoS Ethereal contains a flaw related to the 802.3 Slow protocols dissector that may allow an attacker to cause a denial of service by triggering an assertion. No further details have been provided. |
16105 | Ethereal WSP Dissector Multiple Method Remote DoS Ethereal contains flaws that may allow a remote denial of service. The issue is triggered by unspecified flaws which can cause null pointer exceptions or assertions, and will result in loss of availability for the application. |
16104 | Ethereal TZSP Dissector Unspecified Remote DoS Ethereal contains a flaw related to the TZSP dissector that may allow an attacker to cause a denial of service. No further details have been provided. |
16103 | Ethereal Telnet Dissector Unspecified Remote DoS Ethereal contains a flaw related to the Telnet dissector that may allow an attacker to cause a denial of service. No further details have been provided. |
16102 | Ethereal LMP Dissector Endless Loop Remote DoS Ethereal contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker causes the LMP dissector to enter an endless loop, and will result in loss of availability for the application. |
16101 | Ethereal KINK Dissector Multiple Method Remote DoS Ethereal contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker causes the KINK dissector to generate null pointer exceptions or endless looping, and will result in loss of availability for the application. |
16100 | Ethereal KINK Dissector Unspecified Security Issue Ethereal contains a flaw related to the KINK dissector. No further details have been provided. |
16099 | Ethereal SIP Dissector Remote Overflow A remote overflow exists in Ethereal. The SIP dissector fails to validate user-supplied input in the cseq_method variable resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
16098 | Ethereal FCELS Dissector Remote Overflow A remote overflow exists in Ethereal. The FCELS dissector fails to validate unspecified input resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
16097 | Ethereal DISTCC Dissector Multiple Message Type Parsing Remote Overflow A remote overflow exists in Ethereal. The DISTCC dissector fails to validate argv, serr and sout messages resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
16096 | Ethereal AIM Dissector Unspecified Remote DoS Ethereal contains a flaw related to the AIM dissector that may allow a remote attacker to cause a denial of service. No further details have been provided. |
16095 | Ethereal GSM MAP Dissector Unspecified Remote DoS Ethereal contains a flaw related to the GSM MAP dissector that may allow a remote attacker to cause a denial of service. No further details have been provided. |
16094 | Ethereal ANSI A Dissector Remote Format String A remote format string handling flaw exists in Ethereal. The ANSI A dissector fails to validate user-supplied input. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
16093 | Ethereal Multiple Dissector Invalid Protocol Tree Item Length DoS Ethereal contains a flaw related to multiple dissectors that may allow an attacker to cause a denial of service by passing an invalid protocol tree item length. No further details have been provided. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Ethereal SIP UDP CSeq overflow attempt RuleID : 3678 - Revision : 7 - Type : EXPLOIT |
2014-01-10 | Ethereal SIP UDP CSeq overflow attempt RuleID : 3677 - Revision : 8 - Type : EXPLOIT |
2014-01-10 | SMB Trans unicode andx data displacement null pointer DOS attempt RuleID : 3650 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB Trans unicode data displacement null pointer DOS attempt RuleID : 3649 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB Trans data displacement null pointer DOS attempt RuleID : 3648 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB Trans andx data displacement null pointer DOS attempt RuleID : 3647 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS Trans unicode andx data displacement null pointer DOS attempt RuleID : 3646 - Revision : 4 - Type : NETBIOS |
2014-01-10 | SMB-DS Trans unicode data displacement null pointer DOS attempt RuleID : 3645 - Revision : 4 - Type : NETBIOS |
2014-01-10 | SMB-DS Trans data displacement null pointer DOS attempt RuleID : 3644 - Revision : 4 - Type : NETBIOS |
2014-01-10 | SMB-DS Trans andx data displacement null pointer DOS attempt RuleID : 3643 - Revision : 4 - Type : NETBIOS |
2014-01-10 | SMB Trans unicode andx data displacement null pointer DOS attempt RuleID : 3642 - Revision : 3 - Type : NETBIOS |
2014-01-10 | SMB Trans unicode data displacement null pointer DOS attempt RuleID : 3641 - Revision : 3 - Type : NETBIOS |
2014-01-10 | SMB Trans data displacement null pointer DOS attempt RuleID : 3640 - Revision : 3 - Type : NETBIOS |
2014-01-10 | SMB Trans andx data displacement null pointer DOS attempt RuleID : 3639 - Revision : 3 - Type : NETBIOS |
2014-01-10 | CSeq buffer overflow attempt RuleID : 16351 - Revision : 11 - Type : PROTOCOL-VOIP |
2014-01-10 | CSeq buffer overflow attempt RuleID : 11971 - Revision : 8 - Type : PROTOCOL-VOIP |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-427.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_76adaab0e4e311d9b8750001020eed82.nasl - Type : ACT_GATHER_INFO |
2005-05-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-427.nasl - Type : ACT_GATHER_INFO |
2005-05-11 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200505-03.nasl - Type : ACT_GATHER_INFO |
2005-05-11 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-083.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:49:22 |