CVE-2005-0739

Ethereal < 0.10.9 - Numeric Error

Title source: rule

Description

The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the dissect_pdus and pduval_to_str functions.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Leon Juranic · c++doswindows

https://www.exploit-db.com/exploits/874

View Code ZIP pw:eip

References (11)

[URL Repurposed] http://anonsvn.ethereal.com/viewcvs/viewcvs.py?view=rev&rev=13707

[Mailing List] http://marc.info/?l=bugtraq&m=111066805726551&w=2

[Various Sources] http://security.lss.hr/index.php?page=details&ID=LSS-2005-03-05

[Patch] http://www.debian.org/security/2005/dsa-718

[Patch, URL Repurposed] http://www.ethereal.com/appnotes/enpa-sa-00018.html

[Third Party Advisory] http://www.gentoo.org/security/en/glsa/glsa-200503-16.xml

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/12762

[Vendor Advisory] http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2005-306.html

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDKSA-2005:053

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9687

Scores

EPSS 0.1702

EPSS Percentile 95.0%

Details

CWE

CWE-189

Status published

Products (1)

ethereal_group/ethereal < 0.10.9

Published May 02, 2005

Tracked Since Feb 18, 2026