Ethereal Security Vulnerabilities and Issues — Ethereal CVE List

Lucene search

Ethereal GroupEthereal

13 matches found

CVE•added 2003/12/01 5:0 a.m.•52 views

CVE-2003-0925

Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string.

7.5CVSS7.9AI score0.02752EPSS

CVE•added 2003/04/02 5:0 a.m.•43 views

CVE-2003-0159

Heap-based buffer overflow in the NTLMSSP code for Ethereal 0.9.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.

7.5CVSS9.9AI score0.02414EPSS

CVE•added 2003/07/24 4:0 a.m.•43 views

CVE-2003-0429

The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via invalid IPv4 or IPv6 prefix lengths, possibly triggering a buffer overflow.

7.5CVSS9.7AI score0.02584EPSS

CVE•added 2003/04/02 5:0 a.m.•42 views

CVE-2002-0402

Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code while Ethereal is parsing keysyms.

7.5CVSS8.1AI score0.02684EPSS

CVE•added 2003/06/09 4:0 a.m.•42 views

CVE-2003-0357

Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors.

7.5CVSS9.9AI score0.14379EPSS

CVE•added 2003/07/24 4:0 a.m.•41 views

CVE-2003-0431

The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences.

10CVSS9.5AI score0.00553EPSS

CVE•added 2003/12/01 5:0 a.m.•40 views

CVE-2003-0926

Ethereal 0.9.15 and earlier, and Tethereal, allows remote attackers to cause a denial of service (crash) via certain malformed (1) ISAKMP or (2) MEGACO packets.

5CVSS7.3AI score0.02486EPSS

CVE•added 2003/12/01 5:0 a.m.•40 views

CVE-2003-0927

Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector.

7.5CVSS8AI score0.02429EPSS

CVE•added 2003/07/24 4:0 a.m.•39 views

CVE-2003-0428

Unknown vulnerability in the DCERPC (DCE/RPC) dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (memory consumption) via a certain NDR string.

5CVSS8.9AI score0.02306EPSS

CVE•added 2003/07/24 4:0 a.m.•39 views

CVE-2003-0432

Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS, (4) 802.11, (5) ISAKMP, (6) WSP, (7) CLNP, (8) ISIS, and (9) RMI dissectors.

10CVSS9.4AI score0.00553EPSS

CVE•added 2003/07/24 4:0 a.m.•38 views

CVE-2003-0430

The SPNEGO dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (crash) via an invalid ASN.1 value.

5CVSS9.1AI score0.01271EPSS

CVE•added 2003/04/02 5:0 a.m.•37 views

CVE-2002-0403

DNS dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet that causes Ethereal to enter an infinite loop.

5CVSS7.4AI score0.01824EPSS

CVE•added 2003/04/02 5:0 a.m.•37 views

CVE-2002-0404

Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (memory consumption).

5CVSS7.3AI score0.01824EPSS