CVE-2004-0634

The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ethereal_group:ethereal:0.9.15:*:*:*:*:*:*:*
cpe:2.3:a:ethereal_group:ethereal:0.10.4:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*
cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:as:*:*:*:*:*

History

14 Feb 2024, 01:17

Type Values Removed Values Added
References (CONFIRM) http://www.ethereal.com/appnotes/enpa-sa-00015.html - (CONFIRM) http://www.ethereal.com/appnotes/enpa-sa-00015.html - URL Repurposed

Information

Published : 2004-12-06 05:00

Updated : 2024-02-28 10:24


NVD link : CVE-2004-0634

Mitre link : CVE-2004-0634

CVE.ORG link : CVE-2004-0634


JSON object : View

Products Affected

redhat

  • enterprise_linux
  • linux_advanced_workstation

mandrakesoft

  • mandrake_linux

gentoo

  • linux

ethereal_group

  • ethereal