Vulnerabilities > CVE-2005-1470 - Unspecified vulnerability in Ethereal Group Ethereal
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, (4) SMB, or (5) Bittorrent dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors.
Vulnerable Configurations
Exploit-Db
description | Ethereal <= 0.10.10 (dissect_ipc_state) Remote Denial of Service Exploit. CVE-2005-1470. Dos exploits for multiple platform |
id | EDB-ID:984 |
last seen | 2016-01-31 |
modified | 2005-05-07 |
published | 2005-05-07 |
reporter | Nicob |
source | https://www.exploit-db.com/download/984/ |
title | Ethereal <= 0.10.10 dissect_ipc_state Remote Denial of Service Exploit |
Nessus
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200505-03.NASL description The remote host is affected by the vulnerability described in GLSA-200505-03 (Ethereal: Numerous vulnerabilities) There are numerous vulnerabilities in versions of Ethereal prior to 0.10.11, including: The ANSI A and DHCP dissectors are vulnerable to format string vulnerabilities. The DISTCC, FCELS, SIP, ISIS, CMIP, CMP, CMS, CRMF, ESS, OCSP, PKIX1Explitit, PKIX Qualified, X.509, Q.931, MEGACO, NCP, ISUP, TCAP and Presentation dissectors are vulnerable to buffer overflows. The KINK, WSP, SMB Mailslot, H.245, MGCP, Q.931, RPC, GSM and SMB NETLOGON dissectors are vulnerable to pointer handling errors. The LMP, KINK, MGCP, RSVP, SRVLOC, EIGRP, MEGACO, DLSw, NCP and L2TP dissectors are vulnerable to looping problems. The Telnet and DHCP dissectors could abort. The TZSP, Bittorrent, SMB, MGCP and ISUP dissectors could cause a segmentation fault. The WSP, 802.3 Slow protocols, BER, SMB Mailslot, SMB, NDPS, IAX2, RADIUS, SMB PIPE, MRDISC and TCAP dissectors could throw assertions. The DICOM, NDPS and ICEP dissectors are vulnerable to memory handling errors. The GSM MAP, AIM, Fibre Channel,SRVLOC, NDPS, LDAP and NTLMSSP dissectors could terminate abnormallly. Impact : An attacker might be able to use these vulnerabilities to crash Ethereal and execute arbitrary code with the permissions of the user running Ethereal, which could be the root user. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 18229 published 2005-05-11 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/18229 title GLSA-200505-03 : Ethereal: Numerous vulnerabilities code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 200505-03. # # The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(18229); script_version("1.20"); script_cvs_date("Date: 2019/08/02 13:32:42"); script_cve_id("CVE-2005-1456", "CVE-2005-1457", "CVE-2005-1458", "CVE-2005-1459", "CVE-2005-1460", "CVE-2005-1461", "CVE-2005-1462", "CVE-2005-1463", "CVE-2005-1464", "CVE-2005-1465", "CVE-2005-1466", "CVE-2005-1467", "CVE-2005-1468", "CVE-2005-1469", "CVE-2005-1470"); script_xref(name:"GLSA", value:"200505-03"); script_name(english:"GLSA-200505-03 : Ethereal: Numerous vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-200505-03 (Ethereal: Numerous vulnerabilities) There are numerous vulnerabilities in versions of Ethereal prior to 0.10.11, including: The ANSI A and DHCP dissectors are vulnerable to format string vulnerabilities. The DISTCC, FCELS, SIP, ISIS, CMIP, CMP, CMS, CRMF, ESS, OCSP, PKIX1Explitit, PKIX Qualified, X.509, Q.931, MEGACO, NCP, ISUP, TCAP and Presentation dissectors are vulnerable to buffer overflows. The KINK, WSP, SMB Mailslot, H.245, MGCP, Q.931, RPC, GSM and SMB NETLOGON dissectors are vulnerable to pointer handling errors. The LMP, KINK, MGCP, RSVP, SRVLOC, EIGRP, MEGACO, DLSw, NCP and L2TP dissectors are vulnerable to looping problems. The Telnet and DHCP dissectors could abort. The TZSP, Bittorrent, SMB, MGCP and ISUP dissectors could cause a segmentation fault. The WSP, 802.3 Slow protocols, BER, SMB Mailslot, SMB, NDPS, IAX2, RADIUS, SMB PIPE, MRDISC and TCAP dissectors could throw assertions. The DICOM, NDPS and ICEP dissectors are vulnerable to memory handling errors. The GSM MAP, AIM, Fibre Channel,SRVLOC, NDPS, LDAP and NTLMSSP dissectors could terminate abnormallly. Impact : An attacker might be able to use these vulnerabilities to crash Ethereal and execute arbitrary code with the permissions of the user running Ethereal, which could be the root user. Workaround : There is no known workaround at this time." ); # http://www.ethereal.com/appnotes/enpa-sa-00019.html script_set_attribute( attribute:"see_also", value:"http://ethereal.archive.sunet.se/appnotes/enpa-sa-00019.html" ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/200505-03" ); script_set_attribute( attribute:"solution", value: "All Ethereal users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-analyzer/ethereal-0.10.11'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_cwe_id(119); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:ethereal"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2005/05/06"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/05/11"); script_set_attribute(attribute:"vuln_publication_date", value:"2005/05/04"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"net-analyzer/ethereal", unaffected:make_list("ge 0.10.11"), vulnerable:make_list("lt 0.10.11"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Ethereal"); }
NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_76ADAAB0E4E311D9B8750001020EED82.NASL description An Ethreal Security Advisories reports : An aggressive testing program as well as independent discovery has turned up a multitude of security issues Please reference CVE/URL list for details last seen 2020-06-01 modified 2020-06-02 plugin id 18986 published 2005-07-13 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/18986 title FreeBSD : ethereal -- multiple protocol dissectors vulnerabilities (76adaab0-e4e3-11d9-b875-0001020eed82) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2005-427.NASL description Updated Ethereal packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ethereal package is a program for monitoring network traffic. A number of security flaws have been discovered in Ethereal. On a system where Ethereal is running, a remote attacker could send malicious packets to trigger these flaws and cause Ethereal to crash or potentially execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-1456, CVE-2005-1457, CVE-2005-1458, CVE-2005-1459, CVE-2005-1460, CVE-2005-1461, CVE-2005-1462, CVE-2005-1463, CVE-2005-1464, CVE-2005-1465, CVE-2005-1466, CVE-2005-1467, CVE-2005-1468, CVE-2005-1469, and CVE-2005-1470 to these issues. Users of ethereal should upgrade to these updated packages, which contain version 0.10.11 which is not vulnerable to these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 18386 published 2005-05-28 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/18386 title RHEL 2.1 / 3 / 4 : ethereal (RHSA-2005:427) NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2005-083.NASL description A number of vulnerabilities were discovered in previous version of Ethereal that have been fixed in the 0.10.11 release, including : - The ANSI A and DHCP dissectors are vulnerable to format string vulnerabilities. - The DISTCC, FCELS, SIP, ISIS, CMIP, CMP, CMS, CRMF, ESS, OCSP, PKIX1Explitit, PKIX Qualified, X.509, Q.931, MEGACO, NCP, ISUP, TCAP and Presentation dissectors are vulnerable to buffer overflows. - The KINK, WSP, SMB Mailslot, H.245, MGCP, Q.931, RPC, GSM and SMB NETLOGON dissectors are vulnerable to pointer handling errors. - The LMP, KINK, MGCP, RSVP, SRVLOC, EIGRP, MEGACO, DLSw, NCP and L2TP dissectors are vulnerable to looping problems. - The Telnet and DHCP dissectors could abort. - The TZSP, Bittorrent, SMB, MGCP and ISUP dissectors could cause a segmentation fault. - The WSP, 802.3 Slow protocols, BER, SMB Mailslot, SMB, NDPS, IAX2, RADIUS, SMB PIPE, MRDISC and TCAP dissectors could throw assertions. - The DICOM, NDPS and ICEP dissectors are vulnerable to memory handling errors. - The GSM MAP, AIM, Fibre Channel,SRVLOC, NDPS, LDAP and NTLMSSP dissectors could terminate abnormallly. last seen 2020-06-01 modified 2020-06-02 plugin id 18237 published 2005-05-11 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/18237 title Mandrake Linux Security Advisory : ethereal (MDKSA-2005:083) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2005-427.NASL description Updated Ethereal packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ethereal package is a program for monitoring network traffic. A number of security flaws have been discovered in Ethereal. On a system where Ethereal is running, a remote attacker could send malicious packets to trigger these flaws and cause Ethereal to crash or potentially execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-1456, CVE-2005-1457, CVE-2005-1458, CVE-2005-1459, CVE-2005-1460, CVE-2005-1461, CVE-2005-1462, CVE-2005-1463, CVE-2005-1464, CVE-2005-1465, CVE-2005-1466, CVE-2005-1467, CVE-2005-1468, CVE-2005-1469, and CVE-2005-1470 to these issues. Users of ethereal should upgrade to these updated packages, which contain version 0.10.11 which is not vulnerable to these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 21824 published 2006-07-03 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/21824 title CentOS 3 / 4 : ethereal (CESA-2005:427)
Oval
accepted | 2013-04-29T04:15:49.503-04:00 | ||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||
contributors |
| ||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||
description | Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, (4) SMB, or (5) Bittorrent dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors. | ||||||||||||||||||||
family | unix | ||||||||||||||||||||
id | oval:org.mitre.oval:def:11804 | ||||||||||||||||||||
status | accepted | ||||||||||||||||||||
submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||||||||||
title | Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, (4) SMB, or (5) Bittorrent dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors. | ||||||||||||||||||||
version | 27 |
Redhat
advisories |
| ||||
rpms |
|
References
- http://www.ethereal.com/appnotes/enpa-sa-00019.html
- http://www.ethereal.com/news/item_20050504_01.html
- http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html
- http://www.redhat.com/support/errata/RHSA-2005-427.html
- http://www.securityfocus.com/bid/13504
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000963
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11804