CVE-2005-1461

Ethereal <0.10.11 - RCE/DoS

Title source: llm

Description

Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (8) X.509, (9) ISIS, (10) DISTCC, (11) FCELS, (12) Q.931, (13) NCP, (14) TCAP, (15) ISUP, (16) MEGACO, (17) PKIX1Explitit, (18) PKIX_Qualified, (19) Presentation dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Team W00dp3ck3r · cremotelinux

https://www.exploit-db.com/exploits/1021

View Code ZIP pw:eip

References (7)

[URL Repurposed] http://www.ethereal.com/appnotes/enpa-sa-00019.html

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9853

[URL Repurposed] http://www.ethereal.com/news/item_20050504_01.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2005-427.html

[Vendor Advisory] http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/13504

[Vendor Advisory] http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000963

Scores

EPSS 0.1234

EPSS Percentile 93.9%

Details

Status published

Products (35)

ethereal_group/ethereal 0.8

ethereal_group/ethereal 0.8.13

ethereal_group/ethereal 0.8.14

ethereal_group/ethereal 0.8.15

ethereal_group/ethereal 0.8.18

ethereal_group/ethereal 0.8.19

ethereal_group/ethereal 0.9

ethereal_group/ethereal 0.9.1

ethereal_group/ethereal 0.9.2

ethereal_group/ethereal 0.9.3

... and 25 more

Published May 05, 2005

Tracked Since Feb 18, 2026