Vulnerabilities > CVE-2004-0635

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2004-220.NASL
    descriptionIssues have been discovered in the following protocol dissectors : - The iSNS dissector could make Ethereal abort in some cases. (0.10.3 - 0.10.4) CVE-2004-0633 - SMB SID snooping could crash if there was no policy name for a handle. (0.9.15 - 0.10.4) CVE-2004-0634 - The SNMP dissector could crash due to a malformed or missing community string. (0.8.15 - 0.10.4) CVE-2004-0635 Impact : It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Resolution : Upgrade to 0.10.5. If you are running a version prior to 0.10.5 and you cannot upgrade, you can disable all of the protocol dissectors listed above by selecting Analyze->Enabled Protocols... and deselecting them from the list. For SMB, you can alternatively disable SID snooping in the SMB protocol preferences. However, it is strongly recommended that you upgrade to 0.10.5. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id13739
    published2004-07-23
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/13739
    titleFedora Core 2 : ethereal-0.10.5-0.2.1 (2004-220)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2004-378.NASL
    descriptionUpdated Ethereal packages that fix various security vulnerabilities are now available. Ethereal is a program for monitoring network traffic. The SNMP dissector in Ethereal releases 0.8.15 through 0.10.4 contained a memory read flaw. On a system where Ethereal is running, a remote attacker could send malicious packets that could cause Ethereal to crash or possibly execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0635 to this issue. The SMB dissector in Ethereal releases 0.9.15 through 0.10.4 contained a NULL pointer flaw. On a system where Ethereal is running, a remote attacker could send malicious packets that could cause Ethereal to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0634 to this issue. The iSNS dissector in Ethereal releases 0.10.3 through 0.10.4 contained an integer overflow flaw. On a system where Ethereal is running, a remote attacker could send malicious packets that could cause Ethereal to crash or possibly execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0633 to this issue. Users of Ethereal should upgrade to these updated packages, which contain a version that is not vulnerable to these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id14215
    published2004-08-05
    reporterThis script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/14215
    titleRHEL 2.1 / 3 : ethereal (RHSA-2004:378)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_265C8B00D2D011D8B47902E0185C0B53.NASL
    descriptionIssues have been discovered in multiple protocol dissectors.
    last seen2020-06-01
    modified2020-06-02
    plugin id36365
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/36365
    titleFreeBSD : multiple vulnerabilities in ethereal (265c8b00-d2d0-11d8-b479-02e0185c0b53)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2004-219.NASL
    descriptionIssues have been discovered in the following protocol dissectors : - The iSNS dissector could make Ethereal abort in some cases. (0.10.3 - 0.10.4) CVE-2004-0633 - SMB SID snooping could crash if there was no policy name for a handle. (0.9.15 - 0.10.4) CVE-2004-0634 - The SNMP dissector could crash due to a malformed or missing community string. (0.8.15 - 0.10.4) CVE-2004-0635 Impact : It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Resolution : Upgrade to 0.10.5. If you are running a version prior to 0.10.5 and you cannot upgrade, you can disable all of the protocol dissectors listed above by selecting Analyze->Enabled Protocols... and deselecting them from the list. For SMB, you can alternatively disable SID snooping in the SMB protocol preferences. However, it is strongly recommended that you upgrade to 0.10.5. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id13738
    published2004-07-23
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/13738
    titleFedora Core 1 : ethereal-0.10.5-0.1.1 (2004-219)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2004-067.NASL
    descriptionThree vulnerabilities were discovered in Ethereal versions prior to 0.10.5 in the iSNS, SMB SID, and SNMP dissectors. It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet into the wire or by convincing someone to read a malformed packet trace file. These vulnerabilities have been corrected in Ethereal 0.10.5.
    last seen2020-06-01
    modified2020-06-02
    plugin id14166
    published2004-07-31
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/14166
    titleMandrake Linux Security Advisory : ethereal (MDKSA-2004:067)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_ETHEREAL_0105.NASL
    descriptionThe following package needs to be updated: ethereal
    last seen2016-09-26
    modified2011-10-03
    plugin id12646
    published2004-07-11
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=12646
    titleFreeBSD : multiple vulnerabilities in ethereal (42)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-528.NASL
    descriptionSeveral denial of service vulnerabilities were discovered in ethereal, a network traffic analyzer. These vulnerabilities are described in the ethereal advisory
    last seen2020-06-01
    modified2020-06-02
    plugin id15365
    published2004-09-29
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/15365
    titleDebian DSA-528-1 : ethereal - denial of service
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200407-08.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200407-08 (Ethereal: Multiple security problems) There are multiple vulnerabilities in versions of Ethereal earlier than 0.10.5, including: In some cases the iSNS dissector could cause Ethereal to abort. If there was no policy name for a handle for SMB SID snooping it could cause a crash. A malformed or missing community string could cause the SNMP dissector to crash. Impact : An attacker could use these vulnerabilities to crash Ethereal or even execute arbitrary code with the permissions of the user running Ethereal, which could be the root user. Workaround : For a temporary workaround you can disable all affected protocol dissectors by selecting Analyze->Enabled Protocols... and deselecting them from the list. For SMB you can disable SID snooping in the SMB protocol preference. However, it is strongly recommended to upgrade to the latest stable version.
    last seen2020-06-01
    modified2020-06-02
    plugin id14541
    published2004-08-30
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/14541
    titleGLSA-200407-08 : Ethereal: Multiple security problems

Oval

accepted2013-04-29T04:21:36.335-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
    ovaloval:org.mitre.oval:def:11782
  • commentCentOS Linux 3.x
    ovaloval:org.mitre.oval:def:16651
descriptionThe SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.
familyunix
idoval:org.mitre.oval:def:9721
statusaccepted
submitted2010-07-09T03:56:16-04:00
titleThe SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.
version26

Redhat

advisories
rhsa
idRHSA-2004:378
rpms
  • ethereal-0:0.10.5-0.30E.2
  • ethereal-debuginfo-0:0.10.5-0.30E.2
  • ethereal-gnome-0:0.10.5-0.30E.2