Ethereal Security Vulnerabilities and Issues — Ethereal CVE List

Lucene search

Ethereal GroupEthereal

26 matches found

CVE•added 2005/08/10 4:0 a.m.•67 views

CVE-2005-2367

Format string vulnerability in the proto_item_set_text function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet.

7.5CVSS6.5AI score0.19352EPSS

CVE•added 2005/05/02 4:0 a.m.•56 views

CVE-2005-0084

Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 allows remote attackers to execute arbitrary code via a crafted packet.

7.5CVSS7.4AI score0.02317EPSS

CVE•added 2006/07/21 2:3 p.m.•56 views

CVE-2006-3629

Unspecified vulnerability in the MOUNT dissector in Wireshark (aka Ethereal) 0.9.4 to 0.99.0 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

7.8CVSS7.2AI score0.07164EPSS

CVE•added 2007/11/23 8:46 p.m.•56 views

CVE-2007-6111

Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP dissector.

7.1CVSS6.5AI score0.03458EPSS

CVE•added 2005/05/02 4:0 a.m.•55 views

CVE-2005-0704

Buffer overflow in the Etheric dissector in Ethereal 0.10.7 through 0.10.9 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code.

7.5CVSS7.3AI score0.02231EPSS

CVE•added 2003/12/01 5:0 a.m.•52 views

CVE-2003-0925

Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string.

7.5CVSS7.9AI score0.02752EPSS

CVE•added 2005/03/09 5:0 a.m.•52 views

CVE-2005-0699

Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.

7.5CVSS7.7AI score0.04233EPSS

CVE•added 2005/12/10 11:3 a.m.•48 views

CVE-2005-3651

Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.

7.5CVSS7.8AI score0.05202EPSS

CVE•added 2005/10/27 10:2 a.m.•47 views

CVE-2005-3243

Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector.

7.5CVSS7.4AI score0.20239EPSS

CVE•added 2007/11/23 8:46 p.m.•47 views

CVE-2007-6118

The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors.

7.8CVSS6.1AI score0.05029EPSS

CVE•added 2002/08/12 4:0 a.m.•45 views

CVE-2002-0821

Buffer overflows in Ethereal 0.9.4 and earlier allow remote attackers to cause a denial of service or execute arbitrary code via (1) the BGP dissector, or (2) the WCP dissector.

7.5CVSS7.8AI score0.01938EPSS

CVE•added 2005/05/05 4:0 a.m.•44 views

CVE-2005-1463

Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A dissectors in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.

7.5CVSS7.2AI score0.02261EPSS

CVE•added 2003/04/02 5:0 a.m.•43 views

CVE-2003-0159

Heap-based buffer overflow in the NTLMSSP code for Ethereal 0.9.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.

7.5CVSS9.9AI score0.02414EPSS

CVE•added 2003/07/24 4:0 a.m.•43 views

CVE-2003-0429

The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via invalid IPv4 or IPv6 prefix lengths, possibly triggering a buffer overflow.

7.5CVSS9.7AI score0.02584EPSS

CVE•added 2003/04/02 5:0 a.m.•42 views

CVE-2002-0402

Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code while Ethereal is parsing keysyms.

7.5CVSS8.1AI score0.02684EPSS

CVE•added 2003/06/09 4:0 a.m.•42 views

CVE-2003-0357

Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors.

7.5CVSS9.9AI score0.14379EPSS

CVE•added 2001/05/07 4:0 a.m.•41 views

CVE-2000-1174

Multiple buffer overflows in AFS ACL parser for Ethereal 0.8.13 and earlier allows remote attackers to execute arbitrary commands via a packet with a long username.

7.5CVSS8.2AI score0.09555EPSS

CVE•added 2002/09/24 4:0 a.m.•41 views

CVE-2002-0834

Buffer overflow in the ISIS dissector for Ethereal 0.9.5 and earlier allows remote attackers to cause a denial of service or execute arbitrary code via malformed packets.

7.5CVSS7.8AI score0.01711EPSS

CVE•added 2004/09/01 4:0 a.m.•41 views

CVE-2003-0081

Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers.

7.5CVSS9.7AI score0.047EPSS

CVE•added 2005/05/05 4:0 a.m.•41 views

CVE-2005-1461

Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (8) X.509, (9) ISIS, (10) DISTCC, (11) FCELS, (12) Q.931, (13) NCP, (14) TCAP, (15) ISUP, (16) MEGACO, (17) PKIX1Explitit, (18) PKIX_Qualified, (19) Presentation dissectors in Ethereal before 0.10.11 ...

7.5CVSS7.2AI score0.09699EPSS

CVE•added 2005/12/29 11:3 a.m.•41 views

CVE-2005-4585

Unspecified vulnerability in the GTP dissector for Ethereal 0.9.1 to 0.10.13 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.

7.8CVSS6.3AI score0.0517EPSS

CVE•added 2003/12/01 5:0 a.m.•40 views

CVE-2003-0927

Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector.

7.5CVSS8AI score0.02429EPSS

CVE•added 2002/08/12 4:0 a.m.•39 views

CVE-2002-0822

Ethereal 0.9.4 and earlier allows remote attackers to cause a denial of service and possibly excecute arbitrary code via the (1) SOCKS, (2) RSVP, (3) AFS, or (4) LMP dissectors, which can be caused to core dump.

7.5CVSS7.4AI score0.00636EPSS

CVE•added 2002/12/23 5:0 a.m.•35 views

CVE-2002-1356

Ethereal 0.9.7 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed packets to the (1) LMP, (2) PPP, or (3) TDS dissectors, possibly related to a missing field for EndVerifyAck messages.

7.5CVSS7.9AI score0.02051EPSS

CVE•added 2005/05/05 4:0 a.m.•35 views

CVE-2005-1462

Double free vulnerability in the ICEP dissector in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.

7.5CVSS7AI score0.01888EPSS

CVE•added 2001/09/12 4:0 a.m.•34 views

CVE-1999-1227

Ethereal allows local users to overwrite arbitrary files via a symlink attack on the packet capture file.

7.2CVSS6.7AI score0.0005EPSS