ID CVE-2005-0704 Type cve Reporter cve@mitre.org Modified 2017-10-11T01:29:00
Description
Buffer overflow in the Etheric dissector in Ethereal 0.10.7 through 0.10.9 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code.
{"osvdb": [{"lastseen": "2017-04-28T13:20:10", "bulletinFamily": "software", "cvelist": ["CVE-2005-0704"], "edition": 1, "description": "## Solution Description\nUpgrade to version 0.10.10 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\nVendor URL: http://www.ethereal.com/\n[Vendor Specific Advisory URL](http://www.ethereal.com/appnotes/enpa-sa-00018.html)\n[Vendor Specific Advisory URL](http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000942)\n[Vendor Specific Advisory URL](http://rhn.redhat.com/errata/RHSA-2005-306.html)\nSecurity Tracker: 1013419\n[Secunia Advisory ID:14596](https://secuniaresearch.flexerasoftware.com/advisories/14596/)\n[Secunia Advisory ID:14759](https://secuniaresearch.flexerasoftware.com/advisories/14759/)\n[Secunia Advisory ID:14573](https://secuniaresearch.flexerasoftware.com/advisories/14573/)\n[Secunia Advisory ID:14620](https://secuniaresearch.flexerasoftware.com/advisories/14620/)\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:053\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200503-16.xml\nKeyword: enpa-sa-00018\n[CVE-2005-0704](https://vulners.com/cve/CVE-2005-0704)\n", "modified": "2005-03-11T02:47:09", "published": "2005-03-11T02:47:09", "href": "https://vulners.com/osvdb/OSVDB:14665", "id": "OSVDB:14665", "type": "osvdb", "title": "Ethereal Etheric Dissector Remote Overflow", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-24T12:50:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0705", "CVE-2005-0704", "CVE-2005-0739", "CVE-2005-0699"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200503-16.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:54881", "href": "http://plugins.openvas.org/nasl.php?oid=54881", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200503-16 (ethereal)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities exist in Ethereal, which may allow an attacker to\nrun arbitrary code or crash the program.\";\ntag_solution = \"All Ethereal users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/ethereal-0.10.10'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200503-16\nhttp://bugs.gentoo.org/show_bug.cgi?id=84547\nhttp://www.ethereal.com/appnotes/enpa-sa-00018.html\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200503-16.\";\n\n \n\nif(description)\n{\n script_id(54881);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2005-0699\", \"CVE-2005-0704\", \"CVE-2005-0705\", \"CVE-2005-0739\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200503-16 (ethereal)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-analyzer/ethereal\", unaffected: make_list(\"ge 0.10.10\"), vulnerable: make_list(\"lt 0.10.10\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0705", "CVE-2005-0704", "CVE-2005-0739", "CVE-2005-0699"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-16T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:52156", "href": "http://plugins.openvas.org/nasl.php?oid=52156", "type": "openvas", "title": "FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite", "sourceData": "#\n#VID cb470368-94d2-11d9-a9e0-0001020eed82\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n ethereal\n ethereal-lite\n tethereal\n tethereal-lite\n\nCVE-2005-0699\nMultiple buffer overflows in the dissect_a11_radius function in the\nCDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and\nearlier allow remote attackers to execute arbitrary code via RADIUS\nauthentication packets with large length values.\n\nCVE-2005-0704\nBuffer overflow in the Etheric dissector in Ethereal 0.10.7 through\n0.10.9 allows remote attackers to cause a denial of service\n(application crash) and possibly execute arbitrary code.\n\nCVE-2005-0705\nThe GPRS-LLC dissector in Ethereal 0.10.7 through 0.10.9, with the\n'ignore cipher bit' option enabled. allows remote attackers to cause a\ndenial of service (application crash).\n\nCVE-2005-0739\nThe IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does\nnot properly use certain routines for formatting strings, which could\nleave it vulnerable to buffer overflows, as demonstrated using\nmodified length values that are not properly handled by the the\ndissect_pdus and pduval_to_str functions.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.ethereal.com/appnotes/enpa-sa-00018.html\nhttp://www.vuxml.org/freebsd/cb470368-94d2-11d9-a9e0-0001020eed82.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(52156);\n script_version(\"$Revision: 4078 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-16 07:34:17 +0200 (Fri, 16 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2005-0699\", \"CVE-2005-0704\", \"CVE-2005-0705\", \"CVE-2005-0739\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"ethereal\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.9.1\")>=0 && revcomp(a:bver, b:\"0.10.10\")<0) {\n txt += 'Package ethereal version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ethereal-lite\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.9.1\")>=0 && revcomp(a:bver, b:\"0.10.10\")<0) {\n txt += 'Package ethereal-lite version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"tethereal\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.9.1\")>=0 && revcomp(a:bver, b:\"0.10.10\")<0) {\n txt += 'Package tethereal version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"tethereal-lite\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.9.1\")>=0 && revcomp(a:bver, b:\"0.10.10\")<0) {\n txt += 'Package tethereal-lite version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2019-05-29T18:35:01", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0705", "CVE-2005-0704", "CVE-2005-0739", "CVE-2005-0699"], "description": "\nAn Ethreal Security Advisories reports:\n\nIssues have been discovered in the following protocol\n\t dissectors:\n\nMatevz Pustisek discovered a buffer overflow in the\n\t Etheric dissector. CVE: CAN-2005-0704\nThe GPRS-LLC dissector could crash if the \"ignore\n\t cipher bit\" option was enabled. CVE: CAN-2005-0705\nDiego Giago discovered a buffer overflow in the 3GPP2\n\t A11 dissector. This flaw was later reported by Leon\n\t Juranic. CVE: CAN-2005-0699\nLeon Juranic discovered a buffer overflow in the IAPP dissector.\n\t CVE: CAN-2005-0739\nA bug in the JXTA dissector could make Ethereal crash.\nA bug in the sFlow dissector could make Ethereal crash.\n\n\n", "edition": 4, "modified": "2005-06-24T00:00:00", "published": "2005-03-09T00:00:00", "id": "CB470368-94D2-11D9-A9E0-0001020EED82", "href": "https://vuxml.freebsd.org/freebsd/cb470368-94d2-11d9-a9e0-0001020eed82.html", "title": "ethereal -- multiple protocol dissectors vulnerabilities", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-07T10:50:05", "description": "An Ethreal Security Advisories reports :\n\nIssues have been discovered in the following protocol dissectors :\n\n- Matevz Pustisek discovered a buffer overflow in the Etheric\ndissector. CVE: CAN-2005-0704\n\n- The GPRS-LLC dissector could crash if the 'ignore cipher bit' option\nwas enabled. CVE: CAN-2005-0705\n\n- Diego Giago discovered a buffer overflow in the 3GPP2 A11 dissector.\nThis flaw was later reported by Leon Juranic. CVE: CAN-2005-0699\n\n- Leon Juranic discovered a buffer overflow in the IAPP dissector.\nCVE: CAN-2005-0739\n\n- A bug in the JXTA dissector could make Ethereal crash.\n\n- A bug in the sFlow dissector could make Ethereal crash.", "edition": 25, "published": "2005-07-13T00:00:00", "title": "FreeBSD : ethereal -- multiple protocol dissectors vulnerabilities (cb470368-94d2-11d9-a9e0-0001020eed82)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0705", "CVE-2005-0704", "CVE-2005-0739", "CVE-2005-0699"], "modified": "2005-07-13T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:tethereal", "p-cpe:/a:freebsd:freebsd:ethereal", "p-cpe:/a:freebsd:freebsd:ethereal-lite", "p-cpe:/a:freebsd:freebsd:tethereal-lite"], "id": "FREEBSD_PKG_CB47036894D211D9A9E00001020EED82.NASL", "href": "https://www.tenable.com/plugins/nessus/19120", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(19120);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-0699\", \"CVE-2005-0704\", \"CVE-2005-0705\", \"CVE-2005-0739\");\n script_bugtraq_id(12759);\n\n script_name(english:\"FreeBSD : ethereal -- multiple protocol dissectors vulnerabilities (cb470368-94d2-11d9-a9e0-0001020eed82)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An Ethreal Security Advisories reports :\n\nIssues have been discovered in the following protocol dissectors :\n\n- Matevz Pustisek discovered a buffer overflow in the Etheric\ndissector. CVE: CAN-2005-0704\n\n- The GPRS-LLC dissector could crash if the 'ignore cipher bit' option\nwas enabled. CVE: CAN-2005-0705\n\n- Diego Giago discovered a buffer overflow in the 3GPP2 A11 dissector.\nThis flaw was later reported by Leon Juranic. CVE: CAN-2005-0699\n\n- Leon Juranic discovered a buffer overflow in the IAPP dissector.\nCVE: CAN-2005-0739\n\n- A bug in the JXTA dissector could make Ethereal crash.\n\n- A bug in the sFlow dissector could make Ethereal crash.\"\n );\n # http://www.ethereal.com/appnotes/enpa-sa-00018.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://ethereal.archive.sunet.se/appnotes/enpa-sa-00018.html\"\n );\n # https://vuxml.freebsd.org/freebsd/cb470368-94d2-11d9-a9e0-0001020eed82.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6d989e18\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ethereal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ethereal-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:tethereal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:tethereal-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/03/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"ethereal>=0.9.1<0.10.10\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ethereal-lite>=0.9.1<0.10.10\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"tethereal>=0.9.1<0.10.10\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"tethereal-lite>=0.9.1<0.10.10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T04:55:38", "description": "Updated Ethereal packages that fix various security vulnerabilities\nare now available.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe ethereal package is a program for monitoring network traffic.\n\nA number of security flaws have been discovered in Ethereal. On a\nsystem where Ethereal is running, a remote attacker could send\nmalicious packets to trigger these flaws and cause Ethereal to crash\nor potentially execute arbitrary code.\n\nA buffer overflow flaw was discovered in the Etheric dissector. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2005-0704 to this issue.\n\nThe GPRS-LLC dissector could crash if the 'ignore cipher bit' option\nwas set. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2005-0705 to this issue.\n\nA buffer overflow flaw was discovered in the 3GPP2 A11 dissector. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2005-0699 to this issue.\n\nA buffer overflow flaw was discovered in the IAPP dissector. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2005-0739 to this issue.\n\nUsers of ethereal should upgrade to these updated packages, which\ncontain version 0.10.10 and are not vulnerable to these issues.", "edition": 27, "published": "2005-03-18T00:00:00", "title": "RHEL 2.1 / 3 / 4 : ethereal (RHSA-2005:306)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0705", "CVE-2005-0765", "CVE-2005-0704", "CVE-2005-0739", "CVE-2005-0699", "CVE-2005-0766"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:ethereal-gnome", "p-cpe:/a:redhat:enterprise_linux:ethereal"], "id": "REDHAT-RHSA-2005-306.NASL", "href": "https://www.tenable.com/plugins/nessus/17366", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:306. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(17366);\n script_version (\"1.28\");\n script_cvs_date(\"Date: 2019/10/25 13:36:11\");\n\n script_cve_id(\"CVE-2005-0699\", \"CVE-2005-0704\", \"CVE-2005-0705\", \"CVE-2005-0739\", \"CVE-2005-0765\", \"CVE-2005-0766\");\n script_xref(name:\"RHSA\", value:\"2005:306\");\n\n script_name(english:\"RHEL 2.1 / 3 / 4 : ethereal (RHSA-2005:306)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated Ethereal packages that fix various security vulnerabilities\nare now available.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe ethereal package is a program for monitoring network traffic.\n\nA number of security flaws have been discovered in Ethereal. On a\nsystem where Ethereal is running, a remote attacker could send\nmalicious packets to trigger these flaws and cause Ethereal to crash\nor potentially execute arbitrary code.\n\nA buffer overflow flaw was discovered in the Etheric dissector. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2005-0704 to this issue.\n\nThe GPRS-LLC dissector could crash if the 'ignore cipher bit' option\nwas set. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2005-0705 to this issue.\n\nA buffer overflow flaw was discovered in the 3GPP2 A11 dissector. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2005-0699 to this issue.\n\nA buffer overflow flaw was discovered in the IAPP dissector. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2005-0739 to this issue.\n\nUsers of ethereal should upgrade to these updated packages, which\ncontain version 0.10.10 and are not vulnerable to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0699\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0704\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0705\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0739\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0765\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0766\"\n );\n # http://www.ethereal.com/appnotes/enpa-sa-00018.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://ethereal.archive.sunet.se/appnotes/enpa-sa-00018.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2005:306\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ethereal and / or ethereal-gnome packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ethereal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ethereal-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/03/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/03/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(2\\.1|3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1 / 3.x / 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2005:306\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"ethereal-0.10.10-1.AS21.1\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"ethereal-gnome-0.10.10-1.AS21.1\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"ethereal-0.10.10-1.EL3.1\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"ethereal-gnome-0.10.10-1.EL3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"ethereal-0.10.10-1.EL4.1\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"ethereal-gnome-0.10.10-1.EL4.1\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ethereal / ethereal-gnome\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:51:55", "description": "The remote host is affected by the vulnerability described in GLSA-200503-16\n(Ethereal: Multiple vulnerabilities)\n\n There are multiple vulnerabilities in versions of Ethereal earlier than\n 0.10.10, including:\n The Etheric, 3GPP2 A11 and IAPP dissectors are vulnerable to buffer\n overflows (CAN-2005-0704, CAN-2005-0699 and CAN-2005-0739).\n The GPRS-LLC could crash when the 'ignore cipher bit' option is\n enabled (CAN-2005-0705).\n Various vulnerabilities in JXTA and sFlow dissectors.\n \nImpact :\n\n An attacker might be able to use these vulnerabilities to crash\n Ethereal and execute arbitrary code with the permissions of the user\n running Ethereal, which could be the root user.\n \nWorkaround :\n\n For a temporary workaround you can disable all affected protocol\n dissectors. However, it is strongly recommended that you upgrade to the\n latest stable version.", "edition": 25, "published": "2005-03-14T00:00:00", "title": "GLSA-200503-16 : Ethereal: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0705", "CVE-2005-0765", "CVE-2005-0704", "CVE-2005-0739", "CVE-2005-0699", "CVE-2005-0766"], "modified": "2005-03-14T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:ethereal"], "id": "GENTOO_GLSA-200503-16.NASL", "href": "https://www.tenable.com/plugins/nessus/17318", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200503-16.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(17318);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-0699\", \"CVE-2005-0704\", \"CVE-2005-0705\", \"CVE-2005-0739\", \"CVE-2005-0765\", \"CVE-2005-0766\");\n script_xref(name:\"GLSA\", value:\"200503-16\");\n\n script_name(english:\"GLSA-200503-16 : Ethereal: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200503-16\n(Ethereal: Multiple vulnerabilities)\n\n There are multiple vulnerabilities in versions of Ethereal earlier than\n 0.10.10, including:\n The Etheric, 3GPP2 A11 and IAPP dissectors are vulnerable to buffer\n overflows (CAN-2005-0704, CAN-2005-0699 and CAN-2005-0739).\n The GPRS-LLC could crash when the 'ignore cipher bit' option is\n enabled (CAN-2005-0705).\n Various vulnerabilities in JXTA and sFlow dissectors.\n \nImpact :\n\n An attacker might be able to use these vulnerabilities to crash\n Ethereal and execute arbitrary code with the permissions of the user\n running Ethereal, which could be the root user.\n \nWorkaround :\n\n For a temporary workaround you can disable all affected protocol\n dissectors. However, it is strongly recommended that you upgrade to the\n latest stable version.\"\n );\n # http://www.ethereal.com/appnotes/enpa-sa-00018.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://ethereal.archive.sunet.se/appnotes/enpa-sa-00018.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200503-16\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Ethereal users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/ethereal-0.10.10'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:ethereal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/03/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/03/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/ethereal\", unaffected:make_list(\"ge 0.10.10\"), vulnerable:make_list(\"lt 0.10.10\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Ethereal\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T11:51:25", "description": "A number of issues were discovered in Ethereal versions prior to\n0.10.10, which is provided by this update. Matevz Pustisek discovered\na buffer overflow in the Etheric dissector (CVE-2005-0704); the\nGPRS-LLC dissector could crash if the 'ignore cipher bit' was enabled\n(CVE-2005-0705); Diego Giago found a buffer overflow in the 3GPP2 A11\ndissector (CVE-2005-0699); Leon Juranic found a buffer overflow in the\nIAPP dissector (CVE-2005-0739); and bugs in the JXTA and sFlow\ndissectors could make Ethereal crash.", "edition": 25, "published": "2005-03-16T00:00:00", "title": "Mandrake Linux Security Advisory : ethereal (MDKSA-2005:053)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0705", "CVE-2005-0765", "CVE-2005-0704", "CVE-2005-0739", "CVE-2005-0699", "CVE-2005-0766"], "modified": "2005-03-16T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:tethereal", "cpe:/o:mandrakesoft:mandrake_linux:10.1", "cpe:/o:mandrakesoft:mandrake_linux:10.0", "p-cpe:/a:mandriva:linux:ethereal-tools", "p-cpe:/a:mandriva:linux:ethereal", "p-cpe:/a:mandriva:linux:lib64ethereal0", "p-cpe:/a:mandriva:linux:libethereal0"], "id": "MANDRAKE_MDKSA-2005-053.NASL", "href": "https://www.tenable.com/plugins/nessus/17331", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2005:053. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(17331);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-0699\", \"CVE-2005-0704\", \"CVE-2005-0705\", \"CVE-2005-0739\", \"CVE-2005-0765\", \"CVE-2005-0766\");\n script_xref(name:\"MDKSA\", value:\"2005:053\");\n\n script_name(english:\"Mandrake Linux Security Advisory : ethereal (MDKSA-2005:053)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of issues were discovered in Ethereal versions prior to\n0.10.10, which is provided by this update. Matevz Pustisek discovered\na buffer overflow in the Etheric dissector (CVE-2005-0704); the\nGPRS-LLC dissector could crash if the 'ignore cipher bit' was enabled\n(CVE-2005-0705); Diego Giago found a buffer overflow in the 3GPP2 A11\ndissector (CVE-2005-0699); Leon Juranic found a buffer overflow in the\nIAPP dissector (CVE-2005-0739); and bugs in the JXTA and sFlow\ndissectors could make Ethereal crash.\"\n );\n # http://www.ethereal.com/appnotes/enpa-sa-00018.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://ethereal.archive.sunet.se/appnotes/enpa-sa-00018.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ethereal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ethereal-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ethereal0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libethereal0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tethereal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/03/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.0\", reference:\"ethereal-0.10.10-0.1.100mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK10.1\", reference:\"ethereal-0.10.10-0.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"ethereal-tools-0.10.10-0.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64ethereal0-0.10.10-0.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libethereal0-0.10.10-0.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"tethereal-0.10.10-0.1.101mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:15", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0705", "CVE-2005-0765", "CVE-2005-0704", "CVE-2005-0739", "CVE-2005-0699", "CVE-2005-0766"], "description": "### Background\n\nEthereal is a feature rich network protocol analyzer. \n\n### Description\n\nThere are multiple vulnerabilities in versions of Ethereal earlier than 0.10.10, including: \n\n * The Etheric, 3GPP2 A11 and IAPP dissectors are vulnerable to buffer overflows (CAN-2005-0704, CAN-2005-0699 and CAN-2005-0739).\n * The GPRS-LLC could crash when the \"ignore cipher bit\" option is enabled (CAN-2005-0705).\n * Various vulnerabilities in JXTA and sFlow dissectors.\n\n### Impact\n\nAn attacker might be able to use these vulnerabilities to crash Ethereal and execute arbitrary code with the permissions of the user running Ethereal, which could be the root user. \n\n### Workaround\n\nFor a temporary workaround you can disable all affected protocol dissectors. However, it is strongly recommended that you upgrade to the latest stable version. \n\n### Resolution\n\nAll Ethereal users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/ethereal-0.10.10\"", "edition": 1, "modified": "2006-05-22T00:00:00", "published": "2005-03-12T00:00:00", "id": "GLSA-200503-16", "href": "https://security.gentoo.org/glsa/200503-16", "type": "gentoo", "title": "Ethereal: Multiple vulnerabilities", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2019-12-11T13:32:03", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0699", "CVE-2005-0704", "CVE-2005-0705", "CVE-2005-0739", "CVE-2005-0765", "CVE-2005-0766"], "description": "The ethereal package is a program for monitoring network traffic.\n\n\nA number of security flaws have been discovered in Ethereal. On a system\nwhere Ethereal is running, a remote attacker could send malicious packets\nto trigger these flaws and cause Ethereal to crash or potentially execute\narbitrary code.\n\nA buffer overflow flaw was discovered in the Etheric dissector. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2005-0704 to this issue.\n\nThe GPRS-LLC dissector could crash if the \"ignore cipher bit\" option was\nset. The Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2005-0705 to this issue.\n\nA buffer overflow flaw was discovered in the 3GPP2 A11 dissector. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has assigned\nthe name CAN-2005-0699 to this issue.\n\nA buffer overflow flaw was discovered in the IAPP dissector. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2005-0739 to this issue.\n\nUsers of ethereal should upgrade to these updated packages, which contain\nversion 0.10.10 and are not vulnerable to these issues.", "modified": "2019-03-22T23:42:27", "published": "2005-03-18T05:00:00", "id": "RHSA-2005:306", "href": "https://access.redhat.com/errata/RHSA-2005:306", "type": "redhat", "title": "(RHSA-2005:306) ethereal security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}