CVE-2005-1468 - Unspecified vulnerability in Ethereal Group Ethereal

CVSS 0.0 - NONE
Attack vector: UNKNOWN
Attack complexity: UNKNOWN
Privileges required: UNKNOWN
Confidentiality impact: UNKNOWN
Integrity impact: UNKNOWN
Availability impact: UNKNOWN

Summary

Multiple unknown vulnerabilities in the (1) WSP, (2) Q.931, (3) H.245, (4) KINK, (5) MGCP, (6) RPC, (7) SMBMailslot, and (8) SMB NETLOGON dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) via unknown vectors that lead to a null dereference.

Nessus

  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-200505-03.NASL
    description: The remote host is affected by the vulnerability described in GLSA-200505-03 (Ethereal: Numerous vulnerabilities). There are numerous vulnerabilities in versions of Ethereal prior to 0.10.11, including: The ANSI A and DHCP dissectors are vulnerable to format string vulnerabilities. The DISTCC, FCELS, SIP, ISIS, CMIP, CMP, CMS, CRMF, ESS, OCSP, PKIX1Explicit, PKIX Qualified, X.509, Q.931, MEGACO, NCP, ISUP, TCAP and Presentation dissectors are vulnerable to buffer overflows. The KINK, WSP, SMB Mailslot, H.245, MGCP, Q.931, RPC, GSM and SMB NETLOGON dissectors are vulnerable to pointer handling errors. The LMP, KINK, MGCP, RSVP, SRVLOC, EIGRP, MEGACO, DLSw, NCP and L2TP dissectors are vulnerable to looping problems. The Telnet and DHCP dissectors could abort. The TZSP, Bittorrent, SMB, MGCP and ISUP dissectors could cause a segmentation fault. The WSP, 802.3 Slow protocols, BER, SMB Mailslot, SMB, NDPS, IAX2, RADIUS, SMB PIPE, MRDISC and TCAP dissectors could throw assertions. The DICOM, NDPS and ICEP dissectors are vulnerable to memory handling errors. The GSM MAP, AIM, Fibre Channel, SRVLOC, NDPS, LDAP and NTLMSSP dissectors could terminate abnormally. Impact: An attacker might be able to use these vulnerabilities to crash Ethereal and execute arbitrary code with the permissions of the user running Ethereal, which could be the root user. Workaround: There is no known workaround at this time.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 18229
    published: 2005-05-11
    reporter: This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/18229
    title: GLSA-200505-03 : Ethereal: Numerous vulnerabilities
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 200505-03.
    #
    # The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(18229);
      script_version("1.20");
      script_cvs_date("Date: 2019/08/02 13:32:42");
    
      script_cve_id("CVE-2005-1456", "CVE-2005-1457", "CVE-2005-1458", "CVE-2005-1459", "CVE-2005-1460", "CVE-2005-1461", "CVE-2005-1462", "CVE-2005-1463", "CVE-2005-1464", "CVE-2005-1465", "CVE-2005-1466", "CVE-2005-1467", "CVE-2005-1468", "CVE-2005-1469", "CVE-2005-1470");
      script_xref(name:"GLSA", value:"200505-03");
    
      script_name(english:"GLSA-200505-03 : Ethereal: Numerous vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-200505-03
    (Ethereal: Numerous vulnerabilities)
    
        There are numerous vulnerabilities in versions of Ethereal prior
        to 0.10.11, including:
        The ANSI A and DHCP dissectors are
        vulnerable to format string vulnerabilities.
        The DISTCC,
        FCELS, SIP, ISIS, CMIP, CMP, CMS, CRMF, ESS, OCSP, PKIX1Explitit, PKIX
        Qualified, X.509, Q.931, MEGACO, NCP, ISUP, TCAP and Presentation
        dissectors are vulnerable to buffer overflows.
        The KINK, WSP,
        SMB Mailslot, H.245, MGCP, Q.931, RPC, GSM and SMB NETLOGON dissectors
        are vulnerable to pointer handling errors.
        The LMP, KINK,
        MGCP, RSVP, SRVLOC, EIGRP, MEGACO, DLSw, NCP and L2TP dissectors are
        vulnerable to looping problems.
        The Telnet and DHCP dissectors
        could abort.
        The TZSP, Bittorrent, SMB, MGCP and ISUP
        dissectors could cause a segmentation fault.
        The WSP, 802.3
        Slow protocols, BER, SMB Mailslot, SMB, NDPS, IAX2, RADIUS, SMB PIPE,
        MRDISC and TCAP dissectors could throw assertions.
        The DICOM,
        NDPS and ICEP dissectors are vulnerable to memory handling errors.
        The GSM MAP, AIM, Fibre Channel,SRVLOC, NDPS, LDAP and NTLMSSP
        dissectors could terminate abnormallly.
      
    Impact :
    
        An attacker might be able to use these vulnerabilities to crash
        Ethereal and execute arbitrary code with the permissions of the user
        running Ethereal, which could be the root user.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      # http://www.ethereal.com/appnotes/enpa-sa-00019.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://ethereal.archive.sunet.se/appnotes/enpa-sa-00019.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/200505-03"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All Ethereal users should upgrade to the latest version:
        # emerge --sync
        # emerge --ask --oneshot --verbose '>=net-analyzer/ethereal-0.10.11'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_cwe_id(119);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:ethereal");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2005/05/06");
      script_set_attribute(attribute:"plugin_publication_date", value:"2005/05/11");
      script_set_attribute(attribute:"vuln_publication_date", value:"2005/05/04");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"net-analyzer/ethereal", unaffected:make_list("ge 0.10.11"), vulnerable:make_list("lt 0.10.11"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Ethereal");
    }
    
  • NASL family: FreeBSD Local Security Checks
    NASL id: FREEBSD_PKG_76ADAAB0E4E311D9B8750001020EED82.NASL
    description: An Ethereal Security Advisory reports: An aggressive testing program as well as independent discovery has turned up a multitude of security issues. Please reference CVE/URL list for details.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 18986
    published: 2005-07-13
    reporter: This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/18986
    title: FreeBSD : ethereal -- multiple protocol dissectors vulnerabilities (76adaab0-e4e3-11d9-b875-0001020eed82)
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2005-427.NASL
    description: Updated Ethereal packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ethereal package is a program for monitoring network traffic. A number of security flaws have been discovered in Ethereal. On a system where Ethereal is running, a remote attacker could send malicious packets to trigger these flaws and cause Ethereal to crash or potentially execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-1456, CVE-2005-1457, CVE-2005-1458, CVE-2005-1459, CVE-2005-1460, CVE-2005-1461, CVE-2005-1462, CVE-2005-1463, CVE-2005-1464, CVE-2005-1465, CVE-2005-1466, CVE-2005-1467, CVE-2005-1468, CVE-2005-1469, and CVE-2005-1470 to these issues. Users of ethereal should upgrade to these updated packages, which contain version 0.10.11 which is not vulnerable to these issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 18386
    published: 2005-05-28
    reporter: This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/18386
    title: RHEL 2.1 / 3 / 4 : ethereal (RHSA-2005:427)
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRAKE_MDKSA-2005-083.NASL
    description: A number of vulnerabilities were discovered in previous versions of Ethereal that have been fixed in the 0.10.11 release, including: - The ANSI A and DHCP dissectors are vulnerable to format string vulnerabilities. - The DISTCC, FCELS, SIP, ISIS, CMIP, CMP, CMS, CRMF, ESS, OCSP, PKIX1Explicit, PKIX Qualified, X.509, Q.931, MEGACO, NCP, ISUP, TCAP and Presentation dissectors are vulnerable to buffer overflows. - The KINK, WSP, SMB Mailslot, H.245, MGCP, Q.931, RPC, GSM and SMB NETLOGON dissectors are vulnerable to pointer handling errors. - The LMP, KINK, MGCP, RSVP, SRVLOC, EIGRP, MEGACO, DLSw, NCP and L2TP dissectors are vulnerable to looping problems. - The Telnet and DHCP dissectors could abort. - The TZSP, Bittorrent, SMB, MGCP and ISUP dissectors could cause a segmentation fault. - The WSP, 802.3 Slow protocols, BER, SMB Mailslot, SMB, NDPS, IAX2, RADIUS, SMB PIPE, MRDISC and TCAP dissectors could throw assertions. - The DICOM, NDPS and ICEP dissectors are vulnerable to memory handling errors. - The GSM MAP, AIM, Fibre Channel, SRVLOC, NDPS, LDAP and NTLMSSP dissectors could terminate abnormally.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 18237
    published: 2005-05-11
    reporter: This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/18237
    title: Mandrake Linux Security Advisory : ethereal (MDKSA-2005:083)
  • NASL family: CentOS Local Security Checks
    NASL id: CENTOS_RHSA-2005-427.NASL
    description: Updated Ethereal packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ethereal package is a program for monitoring network traffic. A number of security flaws have been discovered in Ethereal. On a system where Ethereal is running, a remote attacker could send malicious packets to trigger these flaws and cause Ethereal to crash or potentially execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-1456, CVE-2005-1457, CVE-2005-1458, CVE-2005-1459, CVE-2005-1460, CVE-2005-1461, CVE-2005-1462, CVE-2005-1463, CVE-2005-1464, CVE-2005-1465, CVE-2005-1466, CVE-2005-1467, CVE-2005-1468, CVE-2005-1469, and CVE-2005-1470 to these issues. Users of ethereal should upgrade to these updated packages, which contain version 0.10.11 which is not vulnerable to these issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 21824
    published: 2006-07-03
    reporter: This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/21824
    title: CentOS 3 / 4 : ethereal (CESA-2005:427)

Oval

accepted: 2013-04-29T04:00:53.930-04:00
class: vulnerability
contributors
  • name: Aharon Chernin
    organization: SCAP.com, LLC
  • name: Dragos Prisaca
    organization: G2, Inc.
definition_extensions
  • comment: The operating system installed on the system is Red Hat Enterprise Linux 3
    oval: oval:org.mitre.oval:def:11782
  • comment: CentOS Linux 3.x
    oval: oval:org.mitre.oval:def:16651
  • comment: The operating system installed on the system is Red Hat Enterprise Linux 4
    oval: oval:org.mitre.oval:def:11831
  • comment: CentOS Linux 4.x
    oval: oval:org.mitre.oval:def:16636
  • comment: Oracle Linux 4.x
    oval: oval:org.mitre.oval:def:15990
description: Multiple unknown vulnerabilities in the (1) WSP, (2) Q.931, (3) H.245, (4) KINK, (5) MGCP, (6) RPC, (7) SMBMailslot, and (8) SMB NETLOGON dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) via unknown vectors that lead to a null dereference.
family: unix
id: oval:org.mitre.oval:def:10049
status: accepted
submitted: 2010-07-09T03:56:16-04:00
title: Multiple unknown vulnerabilities in the (1) WSP, (2) Q.931, (3) H.245, (4) KINK, (5) MGCP, (6) RPC, (7) SMBMailslot, and (8) SMB NETLOGON dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) via unknown vectors that lead to a null dereference.
version: 27

Redhat

advisories
rhsa
id: RHSA-2005:427
rpms
  • ethereal-0:0.10.11-1.EL3.1
  • ethereal-debuginfo-0:0.10.11-1.EL3.1
  • ethereal-gnome-0:0.10.11-1.EL3.1