5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.7 High
AI Score
Confidence
Low
0.045 Low
EPSS
Percentile
92.5%
Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the (1) ALCAP dissector, (2) Network Instruments file code, or (3) NetXray/Windows Sniffer file code.
ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc
lists.suse.com/archive/suse-security-announce/2006-May/0004.html
secunia.com/advisories/19769
secunia.com/advisories/19805
secunia.com/advisories/19828
secunia.com/advisories/19839
secunia.com/advisories/19958
secunia.com/advisories/19962
secunia.com/advisories/20117
secunia.com/advisories/20210
secunia.com/advisories/20944
securitytracker.com/id?1015985
support.avaya.com/elmodocs2/security/ASA-2006-128.htm
www.debian.org/security/2006/dsa-1049
www.ethereal.com/appnotes/enpa-sa-00023.html
www.gentoo.org/security/en/glsa/glsa-200604-17.xml
www.mandriva.com/security/advisories?name=MDKSA-2006:077
www.redhat.com/archives/fedora-announce-list/2006-April/msg00194.html
www.redhat.com/archives/fedora-announce-list/2006-April/msg00195.html
www.redhat.com/support/errata/RHSA-2006-0420.html
www.securityfocus.com/bid/17682
www.vupen.com/english/advisories/2006/1501
exchange.xforce.ibmcloud.com/vulnerabilities/26014
exchange.xforce.ibmcloud.com/vulnerabilities/26026
exchange.xforce.ibmcloud.com/vulnerabilities/26027
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10445