CVE-2005-1461

Ethereal < 0.10.11 - Multiple Buffer Overflows in Dissectors

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-1461. PoCs published by Team W00dp3ck3r.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Ethereal's SIP dissector (CVE-2005-1461). It crafts a malicious SIP packet to overwrite the return address and execute shellcode that adds a user 'su' with password 'su' on the victim host.

Description

Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (8) X.509, (9) ISIS, (10) DISTCC, (11) FCELS, (12) Q.931, (13) NCP, (14) TCAP, (15) ISUP, (16) MEGACO, (17) PKIX1Explitit, (18) PKIX_Qualified, (19) Presentation dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Team W00dp3ck3r · cremotelinux

https://www.exploit-db.com/exploits/1021

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Ethereal's SIP dissector (CVE-2005-1461). It crafts a malicious SIP packet to overwrite the return address and execute shellcode that adds a user 'su' with password 'su' on the victim host.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Ethereal 0.10.0 to 0.10.10

No auth needed

Prerequisites: Victim must run Ethereal as root · Network access to UDP port 5060

MITRE ATT&CK