CVE-2005-0739

Ethereal 0.9.1-0.10.9 - Buffer Overflow in IAPP Dissector

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0739. PoCs published by Leon Juranic.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Ethereal's IAPP dissector by sending a maliciously crafted UDP packet to port 2313. The PoC constructs a packet with an oversized payload to trigger the crash.

Description

The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the dissect_pdus and pduval_to_str functions.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Leon Juranic · c++doswindows

https://www.exploit-db.com/exploits/874

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Ethereal's IAPP dissector by sending a maliciously crafted UDP packet to port 2313. The PoC constructs a packet with an oversized payload to trigger the crash.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Ethereal (versions prior to fix for CVE-2005-0739)

No auth needed

Prerequisites: Network access to target · Target running vulnerable Ethereal version

MITRE ATT&CK