Ethereal Group » Ethereal » 0.9.11 : Security Vulnerabilities, CVEs, Published In 2004 (Denial of service)

Unknown vulnerability in Ethereal 0.8.13 to 0.10.2 allows attackers to cause a denial of service (segmentation fault) via a malformed color filter file.

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang) and possibly fill available disk space via an invalid RTP timestamp.

Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).

The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.

Ethereal 0.10.1 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a zero-length Presentation protocol selector.

The dissect_attribute_value_pairs function in packet-radius.c for Ethereal 0.8.13 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a malformed RADIUS packet that triggers a null dereference.

Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors.

The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.

The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets.