CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Ethereal Group : Security Vulnerabilities (Overflow)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2007-6120 119 DoS Overflow 2007-11-23 2012-08-13
5.0
None Remote Low Not required None None Partial
The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
2 CVE-2006-3632 119 DoS Exec Code Overflow 2006-07-21 2010-09-15
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector.
3 CVE-2006-1936 Exec Code Overflow 2006-04-25 2010-08-21
5.0
None Remote Low Not required None Partial None
Buffer overflow in Ethereal 0.8.5 up to 0.10.14 allows remote attackers to execute arbitrary code via the telnet dissector.
4 CVE-2006-1935 DoS Exec Code Overflow 2006-04-25 2010-08-21
5.0
None Remote Low Not required None None Partial
Buffer overflow in Ethereal 0.9.15 up to 0.10.14 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the COPS dissector.
5 CVE-2006-1934 DoS Exec Code Overflow 2006-04-25 2010-08-21
5.0
None Remote Low Not required None None Partial
Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the (1) ALCAP dissector, (2) Network Instruments file code, or (3) NetXray/Windows Sniffer file code.
6 CVE-2005-3651 Exec Code Overflow 2005-12-10 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.
7 CVE-2005-3243 Exec Code Overflow 2005-10-27 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector.
8 CVE-2005-3184 Exec Code Overflow 2005-10-20 2010-08-21
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.
9 CVE-2005-2365 DoS Overflow 2005-08-10 2010-08-21
5.0
None Remote Low Not required None None Partial
Unknown vulnerability in the SMB dissector in Ethereal 0.9.0 through 0.10.11 allows remote attackers to cause a buffer overflow or a denial of service (memory consumption) via unknown attack vectors.
10 CVE-2005-1462 119 Exec Code Overflow 2005-05-05 2010-08-21
7.5
None Remote Low Not required Partial Partial Partial
Double free vulnerability in the ICEP dissector in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.
11 CVE-2005-1461 DoS Exec Code Overflow 2005-05-05 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (8) X.509, (9) ISIS, (10) DISTCC, (11) FCELS, (12) Q.931, (13) NCP, (14) TCAP, (15) ISUP, (16) MEGACO, (17) PKIX1Explitit, (18) PKIX_Qualified, (19) Presentation dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.
12 CVE-2005-0739 189 Overflow 2005-05-02 2010-08-21
5.0
None Remote Low Not required None None Partial
The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the dissect_pdus and pduval_to_str functions.
13 CVE-2005-0704 DoS Exec Code Overflow 2005-05-02 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the Etheric dissector in Ethereal 0.10.7 through 0.10.9 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code.
14 CVE-2005-0699 Exec Code Overflow 2005-03-08 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.
15 CVE-2005-0084 Exec Code Overflow 2005-05-02 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 allows remote attackers to execute arbitrary code via a crafted packet.
16 CVE-2004-0633 DoS Overflow 2004-12-06 2010-08-21
5.0
None Remote Low Not required None None Partial
The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.
17 CVE-2004-0507 DoS Exec Code Overflow 2004-08-18 2010-08-21
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
18 CVE-2004-0176 DoS Exec Code Overflow 2004-05-04 2010-08-21
5.0
None Remote Low Not required None None Partial
Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors.
19 CVE-2003-0927 DoS Exec Code Overflow 2003-12-01 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector.
20 CVE-2003-0925 DoS Exec Code Overflow 2003-12-01 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string.
21 CVE-2003-0429 DoS Exec Code Overflow 2003-07-24 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via invalid IPv4 or IPv6 prefix lengths, possibly triggering a buffer overflow.
22 CVE-2003-0357 DoS Exec Code Overflow 2003-06-09 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors.
23 CVE-2003-0159 DoS Exec Code Overflow 2003-04-02 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the NTLMSSP code for Ethereal 0.9.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
24 CVE-2002-0834 DoS Exec Code Overflow 2002-09-24 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the ISIS dissector for Ethereal 0.9.5 and earlier allows remote attackers to cause a denial of service or execute arbitrary code via malformed packets.
25 CVE-2002-0821 DoS Exec Code Overflow 2002-08-12 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflows in Ethereal 0.9.4 and earlier allow remote attackers to cause a denial of service or execute arbitrary code via (1) the BGP dissector, or (2) the WCP dissector.
26 CVE-2002-0402 DoS Exec Code Overflow 2002-06-18 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code while Ethereal is parsing keysyms.
27 CVE-2000-1174 Exec Code Overflow 2001-01-09 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in AFS ACL parser for Ethereal 0.8.13 and earlier allows remote attackers to execute arbitrary commands via a packet with a long username.
Total number of vulnerabilities : 27   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.