Vulnerabilities > CVE-2003-1013 - NULL Pointer Dereference vulnerability in Ethereal

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
ethereal
CWE-476
nessus

Summary

The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2004-002.NASL
    descriptionUpdated Ethereal packages that fix two security vulnerabilities are now available. Ethereal is a program for monitoring network traffic. Two security issues have been found that affect Ethereal. By exploiting these issues it may be possible to make Ethereal crash by injecting an intentionally malformed packet onto the wire or by convincing someone to read a malformed packet trace file. It is not known if these issues could allow arbitrary code execution. The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-1012 to this issue. The Q.931 dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-1013 to this issue. Users of Ethereal should update to these erratum packages containing Ethereal version 0.10.0, which is not vulnerable to these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id12445
    published2004-07-06
    reporterThis script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/12445
    titleRHEL 2.1 / 3 : ethereal (RHSA-2004:002)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-407.NASL
    descriptionSeveral vulnerabilities were discovered upstream in ethereal, a network traffic analyzer. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2003-0925 A buffer overflow allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string. - CAN-2003-0926 Via certain malformed ISAKMP or MEGACO packets remote attackers are able to cause a denial of service (crash). - CAN-2003-0927 A heap-based buffer overflow allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector. - CAN-2003-1012 The SMB dissector allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of selected packets. - CAN-2003-1013 The Q.931 dissector allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.
    last seen2020-06-01
    modified2020-06-02
    plugin id15244
    published2004-09-29
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/15244
    titleDebian DSA-407-1 : ethereal - buffer overflows
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2004-002.NASL
    descriptionTwo vulnerabilities were discovered in versions of Ethereal prior to 0.10.0 that can be exploited to make Ethereal crash by injecting malformed packets onto the wire or by convincing a user to read a malformed packet trace file. The first vulnerability is in the SMB dissector and the second is in the Q.391 dissector. It is not known whether or not these issues could lead to the execution of arbitrary code. The updated packages provide Ethereal 0.10.0 which is not vulnerable to these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id14102
    published2004-07-31
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/14102
    titleMandrake Linux Security Advisory : ethereal (MDKSA-2004:002)

Oval

  • accepted2013-04-29T04:01:35.809-04:00
    classvulnerability
    contributors
    • nameAharon Chernin
      organizationSCAP.com, LLC
    • nameDragos Prisaca
      organizationG2, Inc.
    definition_extensions
    • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
      ovaloval:org.mitre.oval:def:11782
    • commentCentOS Linux 3.x
      ovaloval:org.mitre.oval:def:16651
    descriptionThe Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.
    familyunix
    idoval:org.mitre.oval:def:10097
    statusaccepted
    submitted2010-07-09T03:56:16-04:00
    titleThe Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.
    version26
  • accepted2007-04-25T19:53:02.172-04:00
    classvulnerability
    contributors
    • nameJay Beale
      organizationBastille Linux
    • nameMatt Busby
      organizationThe MITRE Corporation
    • nameThomas R. Jones
      organizationMaitreya Security
    descriptionThe Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.
    familyunix
    idoval:org.mitre.oval:def:857
    statusaccepted
    submitted2004-03-20T12:00:00.000-04:00
    titleEthereal Malformed Q.931 Packet Vulnerability
    version38

Redhat

advisories
  • rhsa
    idRHSA-2004:001
  • rhsa
    idRHSA-2004:002
rpms
  • ethereal-0:0.10.0a-0.30E.1
  • ethereal-gnome-0:0.10.0a-0.30E.1

References