5
CVE-2005-0739
- EPSS 7.61%
- Veröffentlicht 02.05.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:11:40
- Quelle security@debian.org
- CVE-Watchlists
- Unerledigt
The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the dissect_pdus and pduval_to_str functions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ethereal Group ≫ Ethereal Version <= 0.10.9
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 7.61% | 0.938 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html
http://www.ethereal.com/appnotes/enpa-sa-00018.html
http://www.mandriva.com/security/advisories?name=MDKSA-2005:053
http://www.redhat.com/support/errata/RHSA-2005-306.html
http://www.gentoo.org/security/en/glsa/glsa-200503-16.xml
http://www.securityfocus.com/bid/12762
http://anonsvn.ethereal.com/viewcvs/viewcvs.py?view=rev&rev=13707
http://marc.info/?l=bugtraq&m=111066805726551&w=2
http://security.lss.hr/index.php?page=details&ID=LSS-2005-03-05
http://www.debian.org/security/2005/dsa-718
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9687