Vulnerabilities > CVE-2003-1013 - NULL Pointer Dereference vulnerability in Ethereal
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 6 |
Common Weakness Enumeration (CWE)
Nessus
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2004-002.NASL description Updated Ethereal packages that fix two security vulnerabilities are now available. Ethereal is a program for monitoring network traffic. Two security issues have been found that affect Ethereal. By exploiting these issues it may be possible to make Ethereal crash by injecting an intentionally malformed packet onto the wire or by convincing someone to read a malformed packet trace file. It is not known if these issues could allow arbitrary code execution. The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-1012 to this issue. The Q.931 dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-1013 to this issue. Users of Ethereal should update to these erratum packages containing Ethereal version 0.10.0, which is not vulnerable to these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 12445 published 2004-07-06 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/12445 title RHEL 2.1 / 3 : ethereal (RHSA-2004:002) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-407.NASL description Several vulnerabilities were discovered upstream in ethereal, a network traffic analyzer. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2003-0925 A buffer overflow allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string. - CAN-2003-0926 Via certain malformed ISAKMP or MEGACO packets remote attackers are able to cause a denial of service (crash). - CAN-2003-0927 A heap-based buffer overflow allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector. - CAN-2003-1012 The SMB dissector allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of selected packets. - CAN-2003-1013 The Q.931 dissector allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference. last seen 2020-06-01 modified 2020-06-02 plugin id 15244 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15244 title Debian DSA-407-1 : ethereal - buffer overflows NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2004-002.NASL description Two vulnerabilities were discovered in versions of Ethereal prior to 0.10.0 that can be exploited to make Ethereal crash by injecting malformed packets onto the wire or by convincing a user to read a malformed packet trace file. The first vulnerability is in the SMB dissector and the second is in the Q.391 dissector. It is not known whether or not these issues could lead to the execution of arbitrary code. The updated packages provide Ethereal 0.10.0 which is not vulnerable to these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 14102 published 2004-07-31 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/14102 title Mandrake Linux Security Advisory : ethereal (MDKSA-2004:002)
Oval
accepted 2013-04-29T04:01:35.809-04:00 class vulnerability contributors name Aharon Chernin organization SCAP.com, LLC name Dragos Prisaca organization G2, Inc.
definition_extensions comment The operating system installed on the system is Red Hat Enterprise Linux 3 oval oval:org.mitre.oval:def:11782 comment CentOS Linux 3.x oval oval:org.mitre.oval:def:16651
description The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference. family unix id oval:org.mitre.oval:def:10097 status accepted submitted 2010-07-09T03:56:16-04:00 title The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference. version 26 accepted 2007-04-25T19:53:02.172-04:00 class vulnerability contributors name Jay Beale organization Bastille Linux name Matt Busby organization The MITRE Corporation name Thomas R. Jones organization Maitreya Security
description The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference. family unix id oval:org.mitre.oval:def:857 status accepted submitted 2004-03-20T12:00:00.000-04:00 title Ethereal Malformed Q.931 Packet Vulnerability version 38
Redhat
advisories |
| ||||||||
rpms |
|
References
- ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc
- ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc
- ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc
- ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000801
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000801
- http://secunia.com/advisories/10531
- http://secunia.com/advisories/10531
- http://secunia.com/advisories/10568
- http://secunia.com/advisories/10568
- http://secunia.com/advisories/10570
- http://secunia.com/advisories/10570
- http://www.debian.org/security/2003/dsa-407
- http://www.debian.org/security/2003/dsa-407
- http://www.ethereal.com/appnotes/enpa-sa-00012.html
- http://www.ethereal.com/appnotes/enpa-sa-00012.html
- http://www.mandriva.com/security/advisories?name=MDKSA-2004:002
- http://www.mandriva.com/security/advisories?name=MDKSA-2004:002
- http://www.redhat.com/support/errata/RHSA-2004-001.html
- http://www.redhat.com/support/errata/RHSA-2004-001.html
- http://www.redhat.com/support/errata/RHSA-2004-002.html
- http://www.redhat.com/support/errata/RHSA-2004-002.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10097
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10097
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A857
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A857