CVE-2005-0699

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2005-0699
Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://marc.info/?l=bugtraq&m=111038641832400&w=2
http://marc.info/?l=bugtraq&m=111083125521813&w=2
http://security.gentoo.org/glsa/glsa-200503-16.xml Patch Vendor Advisory
http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-03-04
http://www.ethereal.com/appnotes/enpa-sa-00018.html Exploit Patch Vendor Advisory URL Repurposed
http://www.mandriva.com/security/advisories?name=MDKSA-2005:053
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html
http://www.redhat.com/support/errata/RHSA-2005-306.html Patch Vendor Advisory
http://www.securityfocus.com/archive/1/392659 Exploit Vendor Advisory
http://www.securityfocus.com/bid/12759 Exploit Patch Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10147
http://marc.info/?l=bugtraq&m=111038641832400&w=2
http://marc.info/?l=bugtraq&m=111083125521813&w=2
http://security.gentoo.org/glsa/glsa-200503-16.xml Patch Vendor Advisory
http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-03-04
http://www.ethereal.com/appnotes/enpa-sa-00018.html Exploit Patch Vendor Advisory URL Repurposed
http://www.mandriva.com/security/advisories?name=MDKSA-2005:053
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html
http://www.redhat.com/support/errata/RHSA-2005-306.html Patch Vendor Advisory
http://www.securityfocus.com/archive/1/392659 Exploit Vendor Advisory
http://www.securityfocus.com/bid/12759 Exploit Patch Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10147
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ethereal_group:ethereal:0.10.3:*:*:*:*:*:*:*
cpe:2.3:a:ethereal_group:ethereal:0.10.4:*:*:*:*:*:*:*
cpe:2.3:a:ethereal_group:ethereal:0.10.5:*:*:*:*:*:*:*
cpe:2.3:a:ethereal_group:ethereal:0.10.6:*:*:*:*:*:*:*
cpe:2.3:a:ethereal_group:ethereal:0.10.7:*:*:*:*:*:*:*
cpe:2.3:a:ethereal_group:ethereal:0.10.8:*:*:*:*:*:*:*
cpe:2.3:a:ethereal_group:ethereal:0.10.9:*:*:*:*:*:*:*
cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:altlinux:alt_linux:compact_2.3:*:*:*:*:*:*:*
cpe:2.3:o:altlinux:alt_linux:junior_2.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*
cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*
History

20 Nov 2024, 23:55

Type Values Removed Values Added
References () http://marc.info/?l=bugtraq&m=111038641832400&w=2 - () http://marc.info/?l=bugtraq&m=111038641832400&w=2 -
References () http://marc.info/?l=bugtraq&m=111083125521813&w=2 - () http://marc.info/?l=bugtraq&m=111083125521813&w=2 -
References () http://security.gentoo.org/glsa/glsa-200503-16.xml - Patch, Vendor Advisory () http://security.gentoo.org/glsa/glsa-200503-16.xml - Patch, Vendor Advisory
References () http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-03-04 - () http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-03-04 -
References () http://www.ethereal.com/appnotes/enpa-sa-00018.html - Exploit, Patch, Vendor Advisory, URL Repurposed () http://www.ethereal.com/appnotes/enpa-sa-00018.html - Exploit, Patch, Vendor Advisory, URL Repurposed
References () http://www.mandriva.com/security/advisories?name=MDKSA-2005:053 - () http://www.mandriva.com/security/advisories?name=MDKSA-2005:053 -
References () http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html - () http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html -
References () http://www.redhat.com/support/errata/RHSA-2005-306.html - Patch, Vendor Advisory () http://www.redhat.com/support/errata/RHSA-2005-306.html - Patch, Vendor Advisory
References () http://www.securityfocus.com/archive/1/392659 - Exploit, Vendor Advisory () http://www.securityfocus.com/archive/1/392659 - Exploit, Vendor Advisory
References () http://www.securityfocus.com/bid/12759 - Exploit, Patch, Vendor Advisory () http://www.securityfocus.com/bid/12759 - Exploit, Patch, Vendor Advisory
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10147 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10147 -

14 Feb 2024, 01:17

Type Values Removed Values Added
References (CONFIRM) http://www.ethereal.com/appnotes/enpa-sa-00018.html - Exploit, Patch, Vendor Advisory (CONFIRM) http://www.ethereal.com/appnotes/enpa-sa-00018.html - Exploit, Patch, Vendor Advisory, URL Repurposed
Information

Published : 2005-03-08 05:00

Updated : 2024-11-20 23:55

NVD link : CVE-2005-0699

Mitre link : CVE-2005-0699

CVE.ORG link : CVE-2005-0699

JSON object : View

Products Affected

altlinux

  • alt_linux

conectiva

  • linux

ethereal_group

  • ethereal

redhat

  • enterprise_linux_desktop
  • enterprise_linux
  • linux_advanced_workstation
CWE
NVD-CWE-Other

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024