Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ethereal_group | ethereal | 0.9.10 |
| ethereal_group | ethereal | 0.9.11 |
| suse | suse_linux | 9.0 |
| ethereal_group | ethereal | 0.9.1 |
| ethereal_group | ethereal | 0.10.6 |
| redhat | enterprise_linux_desktop | 3.0 |
| sgi | propack | 3.0 |
| ethereal_group | ethereal | 0.10.1 |
| ethereal_group | ethereal | 0.10.5 |
| suse | suse_linux | 8.2 |
| ethereal_group | ethereal | 0.10.2 |
| conectiva | linux | 9.0 |
| ethereal_group | ethereal | 0.10.3 |
| altlinux | alt_linux | 2.3 |
| redhat | enterprise_linux | 3.0 |
| ethereal_group | ethereal | 0.9.6 |
| suse | suse_linux | 9.2 |
| ethereal_group | ethereal | 0.9.5 |
| suse | suse_linux | 9.1 |
| ethereal_group | ethereal | 0.9.12 |
| ethereal_group | ethereal | 0.9.8 |
| redhat | linux_advanced_workstation | 2.1 |
| suse | suse_linux | 8.1 |
| suse | suse_linux | 8.0 |
| ethereal_group | ethereal | 0.10.7 |
| ethereal_group | ethereal | 0.9.14 |
| ethereal_group | ethereal | 0.10 |
| ethereal_group | ethereal | 0.9.15 |
| debian | debian_linux | 3.0 |
| conectiva | linux | 10.0 |
| ethereal_group | ethereal | 0.9.7 |
| ethereal_group | ethereal | 0.10.4 |
| ethereal_group | ethereal | 0.9.2 |
| ethereal_group | ethereal | 0.9.9 |
| ethereal_group | ethereal | 0.9.3 |
| ethereal_group | ethereal | 0.9.16 |
| redhat | enterprise_linux | 2.1 |
| ethereal_group | ethereal | 0.9.4 |
| ethereal_group | ethereal | 0.9 |
| ethereal_group | ethereal | 0.9.13 |
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ethereal_group | ethereal | 0.9.10 |
| ethereal_group | ethereal | 0.9.11 |
| suse | suse_linux | 9.0 |
| ethereal_group | ethereal | 0.9.1 |
| ethereal_group | ethereal | 0.10.6 |
| redhat | enterprise_linux_desktop | 3.0 |
| sgi | propack | 3.0 |
| ethereal_group | ethereal | 0.10.1 |
| ethereal_group | ethereal | 0.10.5 |
| suse | suse_linux | 8.2 |
| ethereal_group | ethereal | 0.10.2 |
| conectiva | linux | 9.0 |
| ethereal_group | ethereal | 0.10.3 |
| altlinux | alt_linux | 2.3 |
| redhat | enterprise_linux | 3.0 |
| ethereal_group | ethereal | 0.9.6 |
| suse | suse_linux | 9.2 |
| ethereal_group | ethereal | 0.9.5 |
| suse | suse_linux | 9.1 |
| ethereal_group | ethereal | 0.9.12 |
| ethereal_group | ethereal | 0.9.8 |
| redhat | linux_advanced_workstation | 2.1 |
| suse | suse_linux | 8.1 |
| suse | suse_linux | 8.0 |
| ethereal_group | ethereal | 0.10.7 |
| ethereal_group | ethereal | 0.9.14 |
| ethereal_group | ethereal | 0.10 |
| ethereal_group | ethereal | 0.9.15 |
| debian | debian_linux | 3.0 |
| conectiva | linux | 10.0 |
| ethereal_group | ethereal | 0.9.7 |
| ethereal_group | ethereal | 0.10.4 |
| ethereal_group | ethereal | 0.9.2 |
| ethereal_group | ethereal | 0.9.9 |
| ethereal_group | ethereal | 0.9.3 |
| ethereal_group | ethereal | 0.9.16 |
| redhat | enterprise_linux | 2.1 |
| ethereal_group | ethereal | 0.9.4 |
| ethereal_group | ethereal | 0.9 |
| ethereal_group | ethereal | 0.9.13 |
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ethereal_group | ethereal | 0.9.10 |
| ethereal_group | ethereal | 0.9.11 |
| suse | suse_linux | 9.0 |
| ethereal_group | ethereal | 0.9.1 |
| ethereal_group | ethereal | 0.10.6 |
| redhat | enterprise_linux_desktop | 3.0 |
| sgi | propack | 3.0 |
| ethereal_group | ethereal | 0.10.1 |
| ethereal_group | ethereal | 0.10.5 |
| suse | suse_linux | 8.2 |
| ethereal_group | ethereal | 0.10.2 |
| conectiva | linux | 9.0 |
| ethereal_group | ethereal | 0.10.3 |
| altlinux | alt_linux | 2.3 |
| redhat | enterprise_linux | 3.0 |
| ethereal_group | ethereal | 0.9.6 |
| suse | suse_linux | 9.2 |
| ethereal_group | ethereal | 0.9.5 |
| suse | suse_linux | 9.1 |
| ethereal_group | ethereal | 0.9.12 |
| ethereal_group | ethereal | 0.9.8 |
| redhat | linux_advanced_workstation | 2.1 |
| suse | suse_linux | 8.1 |
| suse | suse_linux | 8.0 |
| ethereal_group | ethereal | 0.10.7 |
| ethereal_group | ethereal | 0.9.14 |
| ethereal_group | ethereal | 0.10 |
| ethereal_group | ethereal | 0.9.15 |
| debian | debian_linux | 3.0 |
| conectiva | linux | 10.0 |
| ethereal_group | ethereal | 0.9.7 |
| ethereal_group | ethereal | 0.10.4 |
| ethereal_group | ethereal | 0.9.2 |
| ethereal_group | ethereal | 0.9.9 |
| ethereal_group | ethereal | 0.9.3 |
| ethereal_group | ethereal | 0.9.16 |
| redhat | enterprise_linux | 2.1 |
| ethereal_group | ethereal | 0.9.4 |
| ethereal_group | ethereal | 0.9 |
| ethereal_group | ethereal | 0.9.13 |
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ipsec-tools | ipsec-tools | 0.3.3 |
| kame | racoon | 2004-05-03 |
| kame | racoon | 2005-01-24 |
| kame | racoon | 2005-01-10 |
| kame | racoon | 2003-07-11 |
| redhat | enterprise_linux_desktop | 3.0 |
| kame | racoon | 2005-03-07 |
| sgi | propack | 3.0 |
| kame | racoon | 2005-02-14 |
| altlinux | alt_linux | 2.3 |
| redhat | enterprise_linux | 3.0 |
| suse | suse_linux | 9.2 |
| kame | racoon | 2004-04-07b |
| suse | suse_linux | 9.1 |
| redhat | enterprise_linux | 4.0 |
| kame | racoon | 2005-01-03 |
| kame | racoon | 2005-01-17 |
| kame | racoon | 2005-02-07 |
| kame | racoon | 2004-04-05 |
| ipsec-tools | ipsec-tools | 0.5 |
| suse | suse_linux | * |
| kame | racoon | 2005-02-21 |
| kame | racoon | 2005-01-31 |
| redhat | enterprise_linux_desktop | 4.0 |
| kame | racoon | 2005-02-28 |
scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| xfree86_project | x11r6 | 4.0 |
| x.org | x11r6 | 6.8.1 |
| xfree86_project | x11r6 | 4.1.11 |
| suse | suse_linux | 9.0 |
| xfree86_project | x11r6 | 3.3.4 |
| suse | suse_linux | 7.3 |
| suse | suse_linux | 6.3 |
| x.org | x11r6 | 6.7.0 |
| xfree86_project | x11r6 | 4.2.0 |
| suse | suse_linux | 6.4 |
| xfree86_project | x11r6 | 3.3.5 |
| redhat | enterprise_linux_desktop | 3.0 |
| suse | suse_linux | 8.2 |
| altlinux | alt_linux | 2.3 |
| suse | suse_linux | 9.1 |
| xfree86_project | x11r6 | 4.3.0.1 |
| xfree86_project | x11r6 | 3.3.3 |
| redhat | enterprise_linux | 4.0 |
| xfree86_project | x11r6 | 4.3.0.2 |
| suse | suse_linux | 8.1 |
| xfree86_project | x11r6 | 4.2.1 |
| xfree86_project | x11r6 | 4.0.1 |
| redhat | enterprise_linux_desktop | 4.0 |
| xfree86_project | x11r6 | 4.0.2.11 |
| mandrakesoft | mandrake_linux | 10.0 |
| suse | suse_linux | 6.2 |
| redhat | fedora_core | core_2.0 |
| mandrakesoft | mandrake_linux | 10.1 |
| suse | suse_linux | 7.1 |
| suse | suse_linux | 6.1 |
| mandrakesoft | mandrake_linux | 10.2 |
| xfree86_project | x11r6 | 4.1.0 |
| suse | suse_linux | 7.0 |
| xfree86_project | x11r6 | 4.0.3 |
| xfree86_project | x11r6 | 4.3.0 |
| lesstif | lesstif | 0.93.94 |
| mandrakesoft | mandrake_linux_corporate_server | 3.0 |
| sgi | propack | 3.0 |
| xfree86_project | x11r6 | 3.3.2 |
| redhat | enterprise_linux | 3.0 |
| suse | suse_linux | 9.2 |
| xfree86_project | x11r6 | 4.1.12 |
| suse | suse_linux | 8.0 |
| redhat | fedora_core | core_3.0 |
| xfree86_project | x11r6 | 3.3.6 |
| suse | suse_linux | 7.2 |
| x.org | x11r6 | 6.8 |
| mandrakesoft | mandrake_linux_corporate_server | 2.1 |
| xfree86_project | x11r6 | 3.3 |
xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | suse_linux | 7.1 |
| suse | suse_linux | 3.0 |
| suse | suse_linux | 6.1 |
| suse | suse_linux | 4.2 |
| suse | suse_linux | 9.0 |
| suse | suse_linux | 7.3 |
| suse | suse_linux | 7.0 |
| suse | suse_linux | 6.3 |
| xli | xli | 1.15 |
| suse | suse_linux | 6.4 |
| xli | xli | 1.17 |
| suse | suse_linux | 9.3 |
| suse | suse_linux | 5.1 |
| suse | suse_linux | 8.2 |
| suse | suse_linux | 2.0 |
| altlinux | alt_linux | 2.3 |
| suse | suse_linux | 9.2 |
| suse | suse_linux | 5.3 |
| suse | suse_linux | 9.1 |
| suse | suse_linux | 4.4.1 |
| suse | suse_linux | 4.3 |
| suse | suse_linux | 5.2 |
| suse | suse_linux | 8.1 |
| suse | suse_linux | 8.0 |
| suse | suse_linux | 1.0 |
| suse | suse_linux | 6.0 |
| suse | suse_linux | 4.0 |
| suse | suse_linux | 4.4 |
| suse | suse_linux | 7.2 |
| xli | xli | 1.14 |
| xli | xli | 1.16 |
| suse | suse_linux | 6.2 |
| suse | suse_linux | 5.0 |
Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | suse_linux | 7.1 |
| suse | suse_linux | 3.0 |
| suse | suse_linux | 6.1 |
| suse | suse_linux | 4.2 |
| suse | suse_linux | 9.0 |
| suse | suse_linux | 7.3 |
| suse | suse_linux | 7.0 |
| suse | suse_linux | 6.3 |
| xli | xli | 1.15 |
| suse | suse_linux | 6.4 |
| xli | xli | 1.17 |
| suse | suse_linux | 9.3 |
| suse | suse_linux | 5.1 |
| suse | suse_linux | 8.2 |
| suse | suse_linux | 2.0 |
| altlinux | alt_linux | 2.3 |
| suse | suse_linux | 9.2 |
| suse | suse_linux | 5.3 |
| suse | suse_linux | 9.1 |
| suse | suse_linux | 4.4.1 |
| suse | suse_linux | 4.3 |
| suse | suse_linux | 5.2 |
| suse | suse_linux | 8.1 |
| suse | suse_linux | 8.0 |
| suse | suse_linux | 1.0 |
| suse | suse_linux | 6.0 |
| suse | suse_linux | 4.0 |
| suse | suse_linux | 4.4 |
| suse | suse_linux | 7.2 |
| xli | xli | 1.14 |
| xli | xli | 1.16 |
| suse | suse_linux | 6.2 |
| suse | suse_linux | 5.0 |
Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sylpheed | sylpheed | 0.9.10 |
| sylpheed | sylpheed | 1.0.2 |
| sylpheed | sylpheed | 0.9.4 |
| redhat | linux_advanced_workstation | 2.1 |
| sylpheed | sylpheed | 0.9.99 |
| sylpheed | sylpheed | 0.9.11 |
| redhat | fedora_core | core_3.0 |
| sylpheed | sylpheed | 0.9.6 |
| sylpheed | sylpheed | 0.9.9 |
| sylpheed | sylpheed | 1.0.0 |
| sylpheed | sylpheed | 0.9.7 |
| sylpheed | sylpheed | 0.8.11 |
| sylpheed | sylpheed | 0.9.5 |
| sylpheed | sylpheed | 0.9.8 |
| gentoo | linux | * |
| sylpheed | sylpheed | 1.0.1 |
| altlinux | alt_linux | 2.3 |
| redhat | enterprise_linux | 2.1 |
| sylpheed-claws | sylpheed-claws | 1.0.2 |
| sylpheed | sylpheed | 0.9.12 |
Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux | 4.0 |
| redhat | linux_advanced_workstation | 2.1 |
| altlinux | alt_linux | junior_2.3 |
| ethereal_group | ethereal | 0.10.8 |
| ethereal_group | ethereal | 0.10.7 |
| ethereal_group | ethereal | 0.10.6 |
| redhat | enterprise_linux_desktop | 3.0 |
| conectiva | linux | 10.0 |
| ethereal_group | ethereal | 0.10.4 |
| ethereal_group | ethereal | 0.10.9 |
| altlinux | alt_linux | compact_2.3 |
| ethereal_group | ethereal | 0.10.5 |
| redhat | enterprise_linux_desktop | 4.0 |
| conectiva | linux | 9.0 |
| ethereal_group | ethereal | 0.10.3 |
| redhat | enterprise_linux | 3.0 |
| redhat | enterprise_linux | 2.1 |