CVE-2005-0739

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2005-0739
The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the dissect_pdus and pduval_to_str functions.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://anonsvn.ethereal.com/viewcvs/viewcvs.py?view=rev&rev=13707 URL Repurposed
http://marc.info/?l=bugtraq&m=111066805726551&w=2
http://security.lss.hr/index.php?page=details&ID=LSS-2005-03-05
http://www.debian.org/security/2005/dsa-718 Patch
http://www.ethereal.com/appnotes/enpa-sa-00018.html Patch URL Repurposed
http://www.gentoo.org/security/en/glsa/glsa-200503-16.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:053
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html
http://www.redhat.com/support/errata/RHSA-2005-306.html
http://www.securityfocus.com/bid/12762
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9687
http://anonsvn.ethereal.com/viewcvs/viewcvs.py?view=rev&rev=13707 URL Repurposed
http://marc.info/?l=bugtraq&m=111066805726551&w=2
http://security.lss.hr/index.php?page=details&ID=LSS-2005-03-05
http://www.debian.org/security/2005/dsa-718 Patch
http://www.ethereal.com/appnotes/enpa-sa-00018.html Patch URL Repurposed
http://www.gentoo.org/security/en/glsa/glsa-200503-16.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:053
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html
http://www.redhat.com/support/errata/RHSA-2005-306.html
http://www.securityfocus.com/bid/12762
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9687
Configurations

Configuration 1 (hide)

cpe:2.3:a:ethereal_group:ethereal:*:*:*:*:*:*:*:*
History

20 Nov 2024, 23:55

Type Values Removed Values Added
References () http://anonsvn.ethereal.com/viewcvs/viewcvs.py?view=rev&rev=13707 - URL Repurposed () http://anonsvn.ethereal.com/viewcvs/viewcvs.py?view=rev&rev=13707 - URL Repurposed
References () http://marc.info/?l=bugtraq&m=111066805726551&w=2 - () http://marc.info/?l=bugtraq&m=111066805726551&w=2 -
References () http://security.lss.hr/index.php?page=details&ID=LSS-2005-03-05 - () http://security.lss.hr/index.php?page=details&ID=LSS-2005-03-05 -
References () http://www.debian.org/security/2005/dsa-718 - Patch () http://www.debian.org/security/2005/dsa-718 - Patch
References () http://www.ethereal.com/appnotes/enpa-sa-00018.html - Patch, URL Repurposed () http://www.ethereal.com/appnotes/enpa-sa-00018.html - Patch, URL Repurposed
References () http://www.gentoo.org/security/en/glsa/glsa-200503-16.xml - () http://www.gentoo.org/security/en/glsa/glsa-200503-16.xml -
References () http://www.mandriva.com/security/advisories?name=MDKSA-2005:053 - () http://www.mandriva.com/security/advisories?name=MDKSA-2005:053 -
References () http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html - () http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html -
References () http://www.redhat.com/support/errata/RHSA-2005-306.html - () http://www.redhat.com/support/errata/RHSA-2005-306.html -
References () http://www.securityfocus.com/bid/12762 - () http://www.securityfocus.com/bid/12762 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9687 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9687 -

14 Feb 2024, 01:17

Type Values Removed Values Added
References (MISC) http://anonsvn.ethereal.com/viewcvs/viewcvs.py?view=rev&rev=13707 - (MISC) http://anonsvn.ethereal.com/viewcvs/viewcvs.py?view=rev&rev=13707 - URL Repurposed
References (CONFIRM) http://www.ethereal.com/appnotes/enpa-sa-00018.html - Patch (CONFIRM) http://www.ethereal.com/appnotes/enpa-sa-00018.html - Patch, URL Repurposed
Information

Published : 2005-05-02 04:00

Updated : 2024-11-20 23:55

NVD link : CVE-2005-0739

Mitre link : CVE-2005-0739

CVE.ORG link : CVE-2005-0739

JSON object : View

Products Affected

ethereal_group

  • ethereal
CWE
CWE-189

Numeric Errors


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024