FreeBSD831A6A66-79FA-11D9-A9E7-0001020EED82ethereal -- multiple protocol dissectors vulnerabilities
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.036 Low
EPSS
Percentile
91.5%
An Ethreal Security Advisories reports:
Issues have been discovered in the following protocol
dissectors:
The COPS dissector could go into an infinite
loop. CVE: CAN-2005-0006
The DLSw dissector could cause an assertion. CVE:
CAN-2005-0007
The DNP dissector could cause memory corruption. CVE:
CAN-2005-0008
The Gnutella dissector could cuase an assertion. CVE:
CAN-2005-0009
The MMSE dissector could free statically-allocated
memory. CVE: CAN-2005-0010
The X11 dissector is vulnerable to a string buffer
overflow. CVE: CAN-2005-0084
Impact: It may be possible to make Ethereal crash or run
arbitrary code by injecting a purposefully malformed
packet onto the wire or by convincing someone to read a
malformed packet trace file.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | ethereal | = 0.8.10 | UNKNOWN |
| FreeBSD | any | noarch | ethereal | < 0.10.9 | UNKNOWN |
| FreeBSD | any | noarch | ethereal-lite | = 0.8.10 | UNKNOWN |
| FreeBSD | any | noarch | ethereal-lite | < 0.10.9 | UNKNOWN |
| FreeBSD | any | noarch | tethereal | = 0.8.10 | UNKNOWN |
| FreeBSD | any | noarch | tethereal | < 0.10.9 | UNKNOWN |
| FreeBSD | any | noarch | tethereal-lite | = 0.8.10 | UNKNOWN |
| FreeBSD | any | noarch | tethereal-lite | < 0.10.9 | UNKNOWN |
Related
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.036 Low
EPSS
Percentile
91.5%