Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ethereal
(Ethereal_group)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 105 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2002-09-24 | CVE-2002-0834 | Buffer overflow in the ISIS dissector for Ethereal 0.9.5 and earlier allows remote attackers to cause a denial of service or execute arbitrary code via malformed packets. | Ethereal | N/A | ||
| 2004-05-04 | CVE-2004-0367 | Ethereal 0.10.1 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a zero-length Presentation protocol selector. | Ethereal | N/A | ||
| 2002-12-23 | CVE-2002-1356 | Ethereal 0.9.7 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed packets to the (1) LMP, (2) PPP, or (3) TDS dissectors, possibly related to a missing field for EndVerifyAck messages. | Ethereal | N/A | ||
| 2002-12-23 | CVE-2002-1355 | Multiple integer signedness errors in the BGP dissector in Ethereal 0.9.7 and earlier allow remote attackers to cause a denial of service (infinite loop) via malformed messages. | Ethereal | N/A | ||
| 2004-12-06 | CVE-2004-0635 | The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read. | Ethereal, Linux, Mandrake_linux, Enterprise_linux, Linux_advanced_workstation | N/A | ||
| 2003-03-18 | CVE-2003-0081 | Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers. | Ethereal | N/A | ||
| 2003-04-02 | CVE-2003-0159 | Heap-based buffer overflow in the NTLMSSP code for Ethereal 0.9.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. | Ethereal | N/A | ||
| 2004-12-06 | CVE-2004-0634 | The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference. | Ethereal, Linux, Mandrake_linux, Enterprise_linux, Linux_advanced_workstation | N/A | ||
| 2004-12-06 | CVE-2004-0633 | The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow. | Ethereal, Linux, Mandrake_linux, Enterprise_linux, Linux_advanced_workstation | N/A | ||
| 2003-07-24 | CVE-2003-0432 | Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS, (4) 802.11, (5) ISAKMP, (6) WSP, (7) CLNP, (8) ISIS, and (9) RMI dissectors. | Ethereal | N/A |