MidnightBSD

Advisories for ethereal_group

CVE-1999-1227 HIGH

Ethereal allows local users to overwrite arbitrary files via a symlink attack on the packet capture file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal *
CVE-2000-0333 MEDIUM

tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump offset refers to itself, which causes tcpdump to enter an infinite loop while decompressing the packet.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.8.6
ethereal_group ethereal 0.8.5
lbl tcpdump 3.4
lbl tcpdump 3.5a
ethereal_group ethereal 0.8.4
CVE-2000-1174 HIGH

Multiple buffer overflows in AFS ACL parser for Ethereal 0.8.13 and earlier allows remote attackers to execute arbitrary commands via a packet with a long username.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal *
CVE-2002-0353 MEDIUM

The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possibly due to zero-length fields.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.2
CVE-2002-0401 HIGH

SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.9_.0
ethereal ethereal *
debian debian_linux 2.2
CVE-2002-0402 HIGH

Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code while Ethereal is parsing keysyms.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.9_.0
CVE-2002-0403 MEDIUM

DNS dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet that causes Ethereal to enter an infinite loop.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.9_.0
CVE-2002-0404 MEDIUM

Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (memory consumption).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.9_.0
CVE-2002-0821 HIGH

Buffer overflows in Ethereal 0.9.4 and earlier allow remote attackers to cause a denial of service or execute arbitrary code via (1) the BGP dissector, or (2) the WCP dissector.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal *
CVE-2002-0822 HIGH

Ethereal 0.9.4 and earlier allows remote attackers to cause a denial of service and possibly excecute arbitrary code via the (1) SOCKS, (2) RSVP, (3) AFS, or (4) LMP dissectors, which can be caused to core dump.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal *
CVE-2002-0834 HIGH

Buffer overflow in the ISIS dissector for Ethereal 0.9.5 and earlier allows remote attackers to cause a denial of service or execute arbitrary code via malformed packets.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.9_.0
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.8
CVE-2002-1355 MEDIUM

Multiple integer signedness errors in the BGP dissector in Ethereal 0.9.7 and earlier allow remote attackers to cause a denial of service (infinite loop) via malformed messages.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal *
CVE-2002-1356 HIGH

Ethereal 0.9.7 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed packets to the (1) LMP, (2) PPP, or (3) TDS dissectors, possibly related to a missing field for EndVerifyAck messages.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal *
CVE-2003-0081 HIGH

Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.0
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.9.8
CVE-2003-0159 HIGH

Heap-based buffer overflow in the NTLMSSP code for Ethereal 0.9.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.0
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.9.8
CVE-2003-0356 HIGH

Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) AIM, (2) GIOP Gryphon, (3) OSPF, (4) PPTP, (5) Quake, (6) Quake2, (7) Quake3, (8) Rsync, (9) SMB, (10) SMPP, and (11) TSP dissectors, which do not properly use the tvb_get_nstringz and tvb_get_nstringz0 functions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-193,

Products Affected

Vendor Product Version
ethereal_group ethereal *
CVE-2003-0357 HIGH

Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal *
CVE-2003-0428 MEDIUM

Unknown vulnerability in the DCERPC (DCE/RPC) dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (memory consumption) via a certain NDR string.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal *
CVE-2003-0429 HIGH

The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via invalid IPv4 or IPv6 prefix lengths, possibly triggering a buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal *
CVE-2003-0430 MEDIUM

The SPNEGO dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (crash) via an invalid ASN.1 value.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal *
CVE-2003-0431 HIGH

The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal *
CVE-2003-0432 HIGH

Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS, (4) 802.11, (5) ISAKMP, (6) WSP, (7) CLNP, (8) ISIS, and (9) RMI dissectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal *
CVE-2003-0925 HIGH

Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.8
CVE-2003-0926 MEDIUM

Ethereal 0.9.15 and earlier, and Tethereal, allows remote attackers to cause a denial of service (crash) via certain malformed (1) ISAKMP or (2) MEGACO packets.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.8
CVE-2003-0927 HIGH

Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.8
CVE-2003-1012 MEDIUM

The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.8
CVE-2004-0176 MEDIUM

Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2004-0367 MEDIUM

Ethereal 0.10.1 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a zero-length Presentation protocol selector.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2004-0504 MEDIUM

Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash) via certain SIP messages between Hotsip servers and clients.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi propack 3.0
ethereal_group ethereal 0.10.1
sgi propack 2.4
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.3
CVE-2004-0505 MEDIUM

The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause a denial of service (assert error) via unknown attack vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi propack 3.0
ethereal_group ethereal 0.10.1
sgi propack 2.4
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.3
CVE-2004-0506 MEDIUM

The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of service (crash) via unknown attack vectors that cause a null pointer dereference.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi propack 3.0
ethereal_group ethereal 0.10.1
sgi propack 2.4
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.3
CVE-2004-0507 HIGH

Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi propack 3.0
ethereal_group ethereal 0.10.1
sgi propack 2.4
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.3
CVE-2004-0633 MEDIUM

The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.4
redhat enterprise_linux 3.0
mandrakesoft mandrake_linux 10.0
redhat linux_advanced_workstation 2.1
mandrakesoft mandrake_linux 9.2
ethereal_group ethereal 0.10.3
gentoo linux *
redhat enterprise_linux 2.1
CVE-2004-0634 MEDIUM

The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.4
redhat enterprise_linux 3.0
mandrakesoft mandrake_linux 10.0
redhat linux_advanced_workstation 2.1
mandrakesoft mandrake_linux 9.2
gentoo linux *
ethereal_group ethereal 0.9.15
redhat enterprise_linux 2.1
CVE-2004-0635 MEDIUM

The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
redhat enterprise_linux 3.0
ethereal_group ethereal 0.10.1
mandrakesoft mandrake_linux 9.2
gentoo linux *
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.17
ethereal_group ethereal 0.9.16
redhat linux_advanced_workstation 2.1
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
redhat enterprise_linux 2.1
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
mandrakesoft mandrake_linux 10.0
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.8.16
ethereal_group ethereal 0.9.8
CVE-2004-1139 MEDIUM

Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 3.0
conectiva linux 9.0
ethereal_group ethereal 0.9.13
redhat enterprise_linux 3.0
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
suse suse_linux 8.1
conectiva linux 10.0
suse suse_linux 9.2
ethereal_group ethereal 0.9.1
suse suse_linux 9.1
ethereal_group ethereal 0.9.5
altlinux alt_linux 2.3
ethereal_group ethereal 0.9.16
redhat linux_advanced_workstation 2.1
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
suse suse_linux 9.0
redhat enterprise_linux 2.1
suse suse_linux 8.0
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.4
sgi propack 3.0
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
debian debian_linux 3.0
suse suse_linux 8.2
ethereal_group ethereal 0.9.8
CVE-2004-1140 MEDIUM

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang) and possibly fill available disk space via an invalid RTP timestamp.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.0
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.0a
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2004-1141 MEDIUM

The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows remote attackers to cause a denial of service (application crash) via a certain packet that causes the dissector to access previously-freed memory.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.7
CVE-2004-1142 MEDIUM

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 3.0
conectiva linux 9.0
ethereal_group ethereal 0.9.13
redhat enterprise_linux 3.0
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
suse suse_linux 8.1
conectiva linux 10.0
suse suse_linux 9.2
ethereal_group ethereal 0.9.1
suse suse_linux 9.1
ethereal_group ethereal 0.9.5
altlinux alt_linux 2.3
ethereal_group ethereal 0.9.16
redhat linux_advanced_workstation 2.1
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
suse suse_linux 9.0
redhat enterprise_linux 2.1
suse suse_linux 8.0
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.4
sgi propack 3.0
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
debian debian_linux 3.0
suse suse_linux 8.2
ethereal_group ethereal 0.9.8
CVE-2004-1145 MEDIUM

Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 3.0
conectiva linux 9.0
ethereal_group ethereal 0.9.13
redhat enterprise_linux 3.0
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
suse suse_linux 8.1
conectiva linux 10.0
suse suse_linux 9.2
ethereal_group ethereal 0.9.1
suse suse_linux 9.1
ethereal_group ethereal 0.9.5
altlinux alt_linux 2.3
ethereal_group ethereal 0.9.16
redhat linux_advanced_workstation 2.1
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
suse suse_linux 9.0
redhat enterprise_linux 2.1
suse suse_linux 8.0
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.4
sgi propack 3.0
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
debian debian_linux 3.0
suse suse_linux 8.2
ethereal_group ethereal 0.9.8
CVE-2004-1761 MEDIUM

Unknown vulnerability in Ethereal 0.8.13 to 0.10.2 allows attackers to cause a denial of service (segmentation fault) via a malformed color filter file.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.8.20
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.0
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.8.17a
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.0a
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.8.16
ethereal_group ethereal 0.9.8
CVE-2005-0006 MEDIUM

The COPS dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (infinite loop).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.10.8
CVE-2005-0007 MEDIUM

Unknown vulnerability in the DLSw dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (application crash from assertion).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.10.8
CVE-2005-0008 MEDIUM

Unknown vulnerability in the DNP dissector in Ethereal 0.10.5 through 0.10.8 allows remote attackers to cause "memory corruption."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.10.8
CVE-2005-0009 MEDIUM

Unknown vulnerability in the Gnutella dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (application crash).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.10.8
CVE-2005-0010 MEDIUM

Unknown vulnerability in the MMSE dissector in Ethereal 0.10.4 through 0.10.8 allows remote attackers to cause a denial of service by triggering a free of statically allocated memory.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.10.8
CVE-2005-0084 HIGH

Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 allows remote attackers to execute arbitrary code via a crafted packet.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.8.20
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.0
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.8
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.8.17a
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.0a
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.8.16
ethereal_group ethereal 0.9.8
CVE-2005-0699 HIGH

Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 3.0
conectiva linux 9.0
redhat enterprise_linux 3.0
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.8
altlinux alt_linux junior_2.3
conectiva linux 10.0
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.9
redhat enterprise_linux 4.0
redhat linux_advanced_workstation 2.1
redhat enterprise_linux_desktop 4.0
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.10.7
redhat enterprise_linux 2.1
altlinux alt_linux compact_2.3
CVE-2005-0704 HIGH

Buffer overflow in the Etheric dissector in Ethereal 0.10.7 through 0.10.9 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.10.8
CVE-2005-0705 MEDIUM

The GPRS-LLC dissector in Ethereal 0.10.7 through 0.10.9, with the "ignore cipher bit" option enabled. allows remote attackers to cause a denial of service (application crash).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.10.8
CVE-2005-0739 MEDIUM

The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the dissect_pdus and pduval_to_str functions.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
ethereal_group ethereal *
CVE-2005-0765 MEDIUM

Unknown vulnerability in the JXTA dissector in Ethereal 0.10.9 allows remote attackers to cause a denial of service (application crash).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.9
CVE-2005-0766 MEDIUM

Unknown vulnerability in the sFlow dissector in Ethereal 0.9.14 through 0.10.9 allows remote attackers to cause a denial of service (application crash).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal *
CVE-2005-1281 MEDIUM

Ethereal 0.10.10 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.8
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-1456 MEDIUM

Multiple unknown vulnerabilities in the (1) DHCP and (2) Telnet dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (abort).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.8
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-1457 MEDIUM

Multiple unknown vulnerabilities in the (1) AIM, (2) LDAP, (3) FibreChannel, (4) GSM_MAP, (5) SRVLOC, and (6) NTLMSSP dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.8
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-1458 MEDIUM

Multiple unknown "other problems" in the KINK dissector in Ethereal before 0.10.11 have unknown impact and attack vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.8
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-1459 MEDIUM

Multiple unknown vulnerabilities in the (1) WSP, (2) BER, (3) SMB, (4) NDPS, (5) IAX2, (6) RADIUS, (7) TCAP, (8) MRDISC, (9) 802.3 Slow, (10) SMBMailslot, or (11) SMB PIPE dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (assert error).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.8
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-1460 MEDIUM

Multiple unknown dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (assert error) via an invalid protocol tree item length.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.8
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-1461 HIGH

Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (8) X.509, (9) ISIS, (10) DISTCC, (11) FCELS, (12) Q.931, (13) NCP, (14) TCAP, (15) ISUP, (16) MEGACO, (17) PKIX1Explitit, (18) PKIX_Qualified, (19) Presentation dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.8
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-1462 HIGH

Double free vulnerability in the ICEP dissector in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.8
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-1463 HIGH

Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A dissectors in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.8
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-1464 MEDIUM

Multiple unknown vulnerabilities in the (1) KINK, (2) L2TP, (3) MGCP, (4) EIGRP, (5) DLSw, (6) MEGACO, (7) LMP, and (8) RSVP dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (infinite loop).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.8
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-1465 MEDIUM

Unknown vulnerability in the NCP dissector in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (long loop).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.8
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-1466 MEDIUM

Unknown vulnerability in the DICOM dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (large memory allocation) via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.8
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-1467 MEDIUM

Unknown vulnerability in the NDPS dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (memory exhaustion) via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.8
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-1468 MEDIUM

Multiple unknown vulnerabilities in the (1) WSP, (2) Q.931, (3) H.245, (4) KINK, (5) MGCP, (6) RPC, (7) SMBMailslot, and (8) SMB NETLOGON dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) via unknown vectors that lead to a null dereference.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.8
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-1469 MEDIUM

Unknown vulnerability in the GSM dissector in Ethereal before 0.10.11 allows remote attackers to cause the dissector to access an invalid pointer.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.8
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-1470 MEDIUM

Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, (4) SMB, or (5) Bittorrent dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.8
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-2360 MEDIUM

Unknown vulnerability in the LDAP dissector in Ethereal 0.8.5 through 0.10.11 allows remote attackers to cause a denial of service (free static memory and application crash) via unknown attack vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.8.6
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.8.20
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.17
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.0
ethereal_group ethereal 0.8.12
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.8.11
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.8.7
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.8.8
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.8.10
ethereal_group ethereal 0.8.5
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.8.16
ethereal_group ethereal 0.9.8
CVE-2005-2361 MEDIUM

Unknown vulnerability in the (1) AgentX dissector, (2) PER dissector, (3) DOCSIS dissector, (4) SCTP graphs, (5) HTTP dissector, (6) DCERPC, (7) DHCP, (8) RADIUS dissector, (9) Telnet dissector, (10) IS-IS LSP dissector, or (11) NCP dissector in Ethereal 0.8.19 through 0.10.11 allows remote attackers to cause a denial of service (application crash or abort) via unknown attack vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.8.20
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.0
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-2362 MEDIUM

Unknown vulnerability several dissectors in Ethereal 0.9.0 through 0.10.11 allows remote attackers to cause a denial of service (application crash) by reassembling certain packets.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.0
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-2363 MEDIUM

Unknown vulnerability in the (1) SMPP dissector, (2) 802.3 dissector, (3) DHCP, (4) MEGACO dissector, or (5) H1 dissector in Ethereal 0.8.15 through 0.10.11 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.8.20
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.17
ethereal_group ethereal 0.9.0
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.8.16
ethereal_group ethereal 0.9.8
CVE-2005-2364 MEDIUM

Unknown vulnerability in the (1) GIOP dissector, (2) WBXML, or (3) CAMEL dissector in Ethereal 0.8.20 through 0.10.11 allows remote attackers to cause a denial of service (application crash) via certain packets that cause a null pointer dereference.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.8.20
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.0
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-2365 MEDIUM

Unknown vulnerability in the SMB dissector in Ethereal 0.9.0 through 0.10.11 allows remote attackers to cause a buffer overflow or a denial of service (memory consumption) via unknown attack vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.0
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-2366 MEDIUM

Unknown vulnerability in the BER dissector in Ethereal 0.10.11 allows remote attackers to cause a denial of service (abort or infinite loop) via unknown attack vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.11
CVE-2005-2367 HIGH

Format string vulnerability in the proto_item_set_text function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-3184 HIGH

Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal *
CVE-2005-3241 MEDIUM

Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors in the (1) ISAKMP, (2) FC-FCS, (3) RSVP, and (4) ISIS LSP dissector.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.0
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-3242 MEDIUM

Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (crash) via unknown vectors in (1) the IrDA dissector and (2) the SMB dissector when SMB transaction payload reassembly is enabled.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.8
CVE-2005-3243 HIGH

Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-3244 MEDIUM

The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.10.8
CVE-2005-3245 MEDIUM

Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 to 0.10.12, when the "Dissect unknown RPC program numbers" option is enabled, allows remote attackers to cause a denial of service (memory consumption).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.10.8
CVE-2005-3246 MEDIUM

Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (null dereference) via unknown vectors in the (1) SCSI, (2) sFlow, or (3) RTnet dissectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.15
CVE-2005-3247 MEDIUM

The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.12
CVE-2005-3248 MEDIUM

Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (divide-by-zero) via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.10.7
CVE-2005-3249 MEDIUM

Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to 0.10.12 allows remote attackers to cause a denial of service or corrupt memory via unknown vectors that cause Ethereal to free an invalid pointer.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.10.7
CVE-2005-3313 MEDIUM

The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers to cause a denial of service (infinite loop).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.7.7
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.8
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.13
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.8.5
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-3651 HIGH

Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.7.7
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.8
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.13
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.8.5
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2005-4585 HIGH

Unspecified vulnerability in the GTP dissector for Ethereal 0.9.1 to 0.10.13 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.13
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2006-1932 HIGH

Off-by-one error in the OID printing routine in Ethereal 0.10.x up to 0.10.14 has unknown impact and remote attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.14
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.10.13
ethereal_group ethereal 0.10.0a
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.10.7
CVE-2006-1933 MEDIUM

Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (large or infinite loops) viarafted packets to the (1) UMA and (2) BER dissectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.10.13
ethereal_group ethereal 0.10.0a
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.10.7
CVE-2006-1934 MEDIUM

Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the (1) ALCAP dissector, (2) Network Instruments file code, or (3) NetXray/Windows Sniffer file code.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.10.13
ethereal_group ethereal 0.10.0a
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.10.7
CVE-2006-1935 MEDIUM

Buffer overflow in Ethereal 0.9.15 up to 0.10.14 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the COPS dissector.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.10.13
ethereal_group ethereal 0.10.0a
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.15
CVE-2006-1936 MEDIUM

Buffer overflow in Ethereal 0.8.5 up to 0.10.14 allows remote attackers to execute arbitrary code via the telnet dissector.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.10.13
ethereal_group ethereal 0.10.0a
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.15
CVE-2006-1937 MEDIUM

Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via (1) multiple vectors in H.248, and the (2) X.509if, (3) SRVLOC, (4) H.245, (5) AIM, and (6) general packet dissectors; and (7) the statistics counter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.10.13
ethereal_group ethereal 0.10.0a
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.10.7
CVE-2006-1938 MEDIUM

Multiple unspecified vulnerabilities in Ethereal 0.8.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via the (1) Sniffer capture or (2) SMB PIPE dissector.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.8.6
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.8.20
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.8.13
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.8.11
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.8
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.8.17a
ethereal_group ethereal 0.8.7
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.0a
ethereal_group ethereal 0.8.8
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.8.5
ethereal_group ethereal 0.9_.0
ethereal_group ethereal 0.8.16
ethereal_group ethereal 0.9.8
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.17
ethereal_group ethereal 0.9.0
ethereal_group ethereal 0.8.12
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10
ethereal_group ethereal 0.8.14
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.8.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.13
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.8.10
ethereal_group ethereal 0.9.4
CVE-2006-1939 MEDIUM

Multiple unspecified vulnerabilities in Ethereal 0.9.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via (1) an invalid display filter, or the (2) GSM SMS, (3) ASN.1-based, (4) DCERPC NT, (5) PER, (6) RPC, (7) DCERPC, and (8) ASN.1 dissectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.0
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.13
ethereal_group ethereal 0.10.0a
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9_.0
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2006-1940 MEDIUM

Unspecified vulnerability in Ethereal 0.10.4 up to 0.10.14 allows remote attackers to cause a denial of service (abort) via the SNDCP dissector.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.10.13
ethereal_group ethereal 0.10.0a
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.10.7
CVE-2006-3628 HIGH

Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-134,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.0
wireshark wireshark 0.10.4
ethereal_group ethereal 0.99.0
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.14
wireshark wireshark 0.10.13
wireshark wireshark 0.99.1
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.8
wireshark wireshark 0.99
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.10.13
wireshark wireshark 0.10
ethereal_group ethereal 0.10.0a
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.10.7
CVE-2006-3629 HIGH

Unspecified vulnerability in the MOUNT dissector in Wireshark (aka Ethereal) 0.9.4 to 0.99.0 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.99.0
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.14
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.13
ethereal_group ethereal 0.10.0a
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
CVE-2006-3632 HIGH

Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.99.0
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.12
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.8.20
ethereal_group ethereal 0.10.14
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.9
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.8.17
ethereal_group ethereal 0.9.0
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.11
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.8.17a
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.10.0
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.10
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.18
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.10.11
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.13
ethereal_group ethereal 0.10.0a
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.8.16
ethereal_group ethereal 0.9.8
CVE-2010-1455 MEDIUM

The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
wireshark wireshark 0.99.8
wireshark wireshark 1.2.3
wireshark wireshark 1.0.10
ethereal_group ethereal 0.99.0
wireshark wireshark 1.0.12
wireshark wireshark 0.99.7
wireshark wireshark 1.0.2
wireshark wireshark 0.99.1
wireshark wireshark 1.0.1
wireshark wireshark 1.0.4
wireshark wireshark 0.99.2
wireshark wireshark 0.99.5
wireshark wireshark 1.0.9
wireshark wireshark 1.2.7
wireshark wireshark 1.2.0
wireshark wireshark 1.2.4
wireshark wireshark 1.0.6
ethereal_group ethereal 0.9.7
wireshark wireshark 0.9.6
wireshark wireshark 1.2.5
wireshark wireshark 1.2.1
ethereal_group ethereal 0.9.6
wireshark wireshark 1.0.5
wireshark wireshark 1.0.0
wireshark wireshark 1.0.8
wireshark wireshark 0.99.4
wireshark wireshark 1.0.3
wireshark wireshark 1.0.11
wireshark wireshark 0.99.6
wireshark wireshark 1.2.2
wireshark wireshark 0.99.3
wireshark wireshark 1.0.7
wireshark wireshark 0.99.0
wireshark wireshark 1.2.6
ethereal_group ethereal 0.9.8