Vulnerabilities > CVE-2005-0807 - Remote Heap Buffer Overflow vulnerability in Massimiliano Montoro Cain & Abel PSK Sniffer

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

oxid

NVD

Published: 2005-05-02

Updated: 2017-07-11

Summary

Multiple buffer overflows in Cain & Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID field that is not properly handled by the PSK sniffer filter, (2) the HTTP sniffer filter, or the (3) POP3, (4) SMTP, (5) IMAP, (6) NNTP, or (7) TDS sniffer filters.

Vulnerable Configurations

Part	Description	Count
Application	Oxid Oxid Cain AND Abel 2.5 Oxid Cain AND Abel 2.5_Beta21 Oxid Cain AND Abel 2.5_Beta29 Oxid Cain AND Abel 2.5_Beta34 Oxid Cain AND Abel 2.5_Beta36 Oxid Cain AND Abel 2.5_Beta40 Oxid Cain AND Abel 2.5_Beta41 Oxid Cain AND Abel 2.5_Beta47 Oxid Cain AND Abel 2.5_Beta51 Oxid Cain AND Abel 2.5_Beta56 Oxid Cain AND Abel 2.5_Beta59 Oxid Cain AND Abel 2.5_Beta65 Oxid Cain AND Abel 2.65	13

Summary

Vulnerable Configurations

References