7.5

CVE-2005-2367

Format string vulnerability in the proto_item_set_text function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ethereal GroupEthereal Version0.9.4
Ethereal GroupEthereal Version0.9.5
Ethereal GroupEthereal Version0.9.6
Ethereal GroupEthereal Version0.9.7
Ethereal GroupEthereal Version0.9.8
Ethereal GroupEthereal Version0.9.9
Ethereal GroupEthereal Version0.9.10
Ethereal GroupEthereal Version0.9.11
Ethereal GroupEthereal Version0.9.12
Ethereal GroupEthereal Version0.9.13
Ethereal GroupEthereal Version0.9.14
Ethereal GroupEthereal Version0.9.15
Ethereal GroupEthereal Version0.9.16
Ethereal GroupEthereal Version0.10.0
Ethereal GroupEthereal Version0.10.1
Ethereal GroupEthereal Version0.10.2
Ethereal GroupEthereal Version0.10.3
Ethereal GroupEthereal Version0.10.4
Ethereal GroupEthereal Version0.10.5
Ethereal GroupEthereal Version0.10.6
Ethereal GroupEthereal Version0.10.7
Ethereal GroupEthereal Version0.10.8
Ethereal GroupEthereal Version0.10.9
Ethereal GroupEthereal Version0.10.10
Ethereal GroupEthereal Version0.10.11
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 6.14% 0.925
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.novell.com/linux/security/advisories/2005_19_sr.html
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html
http://www.novell.com/linux/security/advisories/2005_18_sr.html
http://secunia.com/advisories/16225/
http://secunia.com/advisories/17102
http://www.debian.org/security/2005/dsa-853
http://www.ethereal.com/appnotes/enpa-sa-00020.html
Patch
URL Repurposed
http://www.gentoo.org/security/en/glsa/glsa-200507-27.xml
Patch
http://www.redhat.com/support/errata/RHSA-2005-687.html
http://www.securityfocus.com/bid/14399
http://www.idefense.com/application/poi/display?id=289&type=vulnerabilities
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:131
Patch
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10765