CVE-2005-0739

2005-05-02 06:00:00 2017-10-11 03:29:59

The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the dissect_pdus and pduval_to_str functions.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL

Ethereal group Ethereal 0.10.9 (not an official CPE)

Ethereal group - Ethereal

Advisory	Patch	Confirmed	Link
			12762
			RHSA-2005:306
			FLSA-2006:152922
			MDKSA-2005:053
			GLSA-200503-16
			http://www.ethereal.com/appnotes/enpa-sa-00018.html
			DSA-718
			http://security.lss.hr/index.php?page=details&ID=LSS-200...
			20050312 Ethereal remote buffer overflow #2
			http://anonsvn.ethereal.com/viewcvs/viewcvs.py?view=rev&...

CVE-2005-0739

2005-05-02 06:00:00 2017-10-11 03:29:59

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)