Ethereal@0.9 Security Vulnerabilities and Issues — Ethereal@0.9 CVE List

Lucene search

Ethereal GroupEthereal0.9

34 matches found

CVE•added 2004/05/04 4:0 a.m.•62 views

CVE-2004-0176

Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors.

5CVSS7.9AI score0.6869EPSS

CVE•added 2007/11/23 8:46 p.m.•62 views

CVE-2007-6120

The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.

5CVSS6.1AI score0.0242EPSS

CVE•added 2007/11/23 8:46 p.m.•60 views

CVE-2007-6121

Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet.

5CVSS6.1AI score0.0242EPSS

CVE•added 2005/05/02 4:0 a.m.•56 views

CVE-2005-0084

Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 allows remote attackers to execute arbitrary code via a crafted packet.

7.5CVSS7.4AI score0.02317EPSS

CVE•added 2007/11/23 8:46 p.m.•56 views

CVE-2007-6111

Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP dissector.

7.1CVSS6.5AI score0.03458EPSS

CVE•added 2004/12/31 5:0 a.m.•54 views

CVE-2004-1139

Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).

5CVSS6.2AI score0.06148EPSS

CVE•added 2004/12/31 5:0 a.m.•53 views

CVE-2004-1142

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.

5CVSS6.2AI score0.08831EPSS

CVE•added 2003/12/01 5:0 a.m.•52 views

CVE-2003-0925

Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string.

7.5CVSS7.9AI score0.02752EPSS

CVE•added 2004/12/06 5:0 a.m.•52 views

CVE-2004-0635

The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.

5CVSS6.2AI score0.08502EPSS

CVE•added 2004/12/31 5:0 a.m.•52 views

CVE-2004-1145

Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary fi...

5CVSS6.8AI score0.06715EPSS

CVE•added 2004/05/04 4:0 a.m.•51 views

CVE-2004-0367

Ethereal 0.10.1 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a zero-length Presentation protocol selector.

5CVSS7.2AI score0.08786EPSS

CVE•added 2005/05/05 4:0 a.m.•49 views

CVE-2005-1470

Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, (4) SMB, or (5) Bittorrent dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors.

5CVSS6.5AI score0.13358EPSS

CVE•added 2005/12/10 11:3 a.m.•48 views

CVE-2005-3651

Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.

7.5CVSS7.8AI score0.05202EPSS

CVE•added 2006/04/25 12:50 p.m.•47 views

CVE-2006-1938

Multiple unspecified vulnerabilities in Ethereal 0.8.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via the (1) Sniffer capture or (2) SMB PIPE dissector.

5CVSS6.6AI score0.05902EPSS

CVE•added 2006/04/25 12:50 p.m.•46 views

CVE-2006-1939

Multiple unspecified vulnerabilities in Ethereal 0.9.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via (1) an invalid display filter, or the (2) GSM SMS, (3) ASN.1-based, (4) DCERPC NT, (5) PER, (6) RPC, (7) DCERPC, and (8) ASN.1 dissectors.

5CVSS6.6AI score0.03224EPSS

CVE•added 2005/05/05 4:0 a.m.•44 views

CVE-2005-1456

Multiple unknown vulnerabilities in the (1) DHCP and (2) Telnet dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (abort).

5CVSS6.5AI score0.01117EPSS

CVE•added 2005/05/05 4:0 a.m.•44 views

CVE-2005-1463

Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A dissectors in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.

7.5CVSS7.2AI score0.02261EPSS

CVE•added 2005/11/01 12:47 p.m.•44 views

CVE-2005-3313

The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers to cause a denial of service (infinite loop).

5CVSS6.2AI score0.03891EPSS

CVE•added 2005/05/05 4:0 a.m.•42 views

CVE-2005-1457

Multiple unknown vulnerabilities in the (1) AIM, (2) LDAP, (3) FibreChannel, (4) GSM_MAP, (5) SRVLOC, and (6) NTLMSSP dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash).

5CVSS6.5AI score0.01117EPSS

CVE•added 2005/05/05 4:0 a.m.•42 views

CVE-2005-1459

Multiple unknown vulnerabilities in the (1) WSP, (2) BER, (3) SMB, (4) NDPS, (5) IAX2, (6) RADIUS, (7) TCAP, (8) MRDISC, (9) 802.3 Slow, (10) SMBMailslot, or (11) SMB PIPE dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (assert error).

5CVSS6.5AI score0.01271EPSS

CVE•added 2005/05/05 4:0 a.m.•41 views

CVE-2005-1461

Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (8) X.509, (9) ISIS, (10) DISTCC, (11) FCELS, (12) Q.931, (13) NCP, (14) TCAP, (15) ISUP, (16) MEGACO, (17) PKIX1Explitit, (18) PKIX_Qualified, (19) Presentation dissectors in Ethereal before 0.10.11 ...

7.5CVSS7.2AI score0.09699EPSS

CVE•added 2005/05/05 4:0 a.m.•41 views

CVE-2005-1466

Unknown vulnerability in the DICOM dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (large memory allocation) via unknown vectors.

5CVSS6.2AI score0.01271EPSS

CVE•added 2005/05/05 4:0 a.m.•41 views

CVE-2005-1467

Unknown vulnerability in the NDPS dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (memory exhaustion) via unknown vectors.

5CVSS6.2AI score0.01117EPSS

CVE•added 2003/12/01 5:0 a.m.•40 views

CVE-2003-0926

Ethereal 0.9.15 and earlier, and Tethereal, allows remote attackers to cause a denial of service (crash) via certain malformed (1) ISAKMP or (2) MEGACO packets.

5CVSS7.3AI score0.02486EPSS

CVE•added 2003/12/01 5:0 a.m.•40 views

CVE-2003-0927

Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector.

7.5CVSS8AI score0.02429EPSS

CVE•added 2005/05/05 4:0 a.m.•40 views

CVE-2005-1464

Multiple unknown vulnerabilities in the (1) KINK, (2) L2TP, (3) MGCP, (4) EIGRP, (5) DLSw, (6) MEGACO, (7) LMP, and (8) RSVP dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (infinite loop).

5CVSS6.5AI score0.01297EPSS

CVE•added 2005/05/05 4:0 a.m.•39 views

CVE-2005-1460

Multiple unknown dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (assert error) via an invalid protocol tree item length.

5CVSS6.2AI score0.01117EPSS

CVE•added 2005/05/05 4:0 a.m.•39 views

CVE-2005-1468

Multiple unknown vulnerabilities in the (1) WSP, (2) Q.931, (3) H.245, (4) KINK, (5) MGCP, (6) RPC, (7) SMBMailslot, and (8) SMB NETLOGON dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) via unknown vectors that lead to a null dereference.

5CVSS6.5AI score0.01498EPSS

CVE•added 2004/01/05 5:0 a.m.•38 views

CVE-2003-1012

The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets.

5CVSS7.2AI score0.03013EPSS

CVE•added 2005/05/05 4:0 a.m.•38 views

CVE-2005-1458

Multiple unknown "other problems" in the KINK dissector in Ethereal before 0.10.11 have unknown impact and attack vectors.

5CVSS6.2AI score0.00743EPSS

CVE•added 2005/05/05 4:0 a.m.•38 views

CVE-2005-1465

Unknown vulnerability in the NCP dissector in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (long loop).

5CVSS6.2AI score0.01271EPSS

CVE•added 2005/05/05 4:0 a.m.•37 views

CVE-2005-1469

Unknown vulnerability in the GSM dissector in Ethereal before 0.10.11 allows remote attackers to cause the dissector to access an invalid pointer.

5CVSS6.2AI score0.01054EPSS

CVE•added 2005/04/26 4:0 a.m.•35 views

CVE-2005-1281

Ethereal 0.10.10 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4.

5CVSS6.5AI score0.00786EPSS

CVE•added 2005/05/05 4:0 a.m.•35 views

CVE-2005-1462

Double free vulnerability in the ICEP dissector in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.

7.5CVSS7AI score0.01888EPSS