Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ethereal
(Ethereal_group)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 105 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2003-03-18 | CVE-2003-0081 | Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers. | Ethereal | N/A | ||
| 2003-04-02 | CVE-2003-0159 | Heap-based buffer overflow in the NTLMSSP code for Ethereal 0.9.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. | Ethereal | N/A | ||
| 2004-12-06 | CVE-2004-0634 | The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference. | Ethereal, Linux, Mandrake_linux, Enterprise_linux, Linux_advanced_workstation | N/A | ||
| 2004-12-06 | CVE-2004-0633 | The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow. | Ethereal, Linux, Mandrake_linux, Enterprise_linux, Linux_advanced_workstation | N/A | ||
| 2003-07-24 | CVE-2003-0432 | Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS, (4) 802.11, (5) ISAKMP, (6) WSP, (7) CLNP, (8) ISIS, and (9) RMI dissectors. | Ethereal | N/A | ||
| 2003-07-24 | CVE-2003-0431 | The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences. | Ethereal | N/A | ||
| 2003-07-24 | CVE-2003-0430 | The SPNEGO dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (crash) via an invalid ASN.1 value. | Ethereal | N/A | ||
| 2003-07-24 | CVE-2003-0429 | The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via invalid IPv4 or IPv6 prefix lengths, possibly triggering a buffer overflow. | Ethereal | N/A | ||
| 2004-12-31 | CVE-2004-1761 | Unknown vulnerability in Ethereal 0.8.13 to 0.10.2 allows attackers to cause a denial of service (segmentation fault) via a malformed color filter file. | Ethereal | N/A | ||
| 2003-12-01 | CVE-2003-0927 | Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector. | Ethereal | N/A |