Vulnerabilities > CVE-2005-2361 - Unspecified vulnerability in Ethereal Group Ethereal
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN ethereal-group
nessus
Summary
Unknown vulnerability in the (1) AgentX dissector, (2) PER dissector, (3) DOCSIS dissector, (4) SCTP graphs, (5) HTTP dissector, (6) DCERPC, (7) DHCP, (8) RADIUS dissector, (9) Telnet dissector, (10) IS-IS LSP dissector, or (11) NCP dissector in Ethereal 0.8.19 through 0.10.11 allows remote attackers to cause a denial of service (application crash or abort) via unknown attack vectors.
Vulnerable Configurations
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2005-655.NASL description - Wed Jul 27 2005 Jindrich Novy <jnovy at redhat.com> 0.10.12-1.FC4.1 - update to 0.10.12 - package /usr/sbin/randpkt - sync with cleanup patch (most of it applied upstream) - the new release fixes CVE-2005-2361 up to CVE-2005-2367 - Mon May 30 2005 Radek Vokal <rvokal at redhat.com> 0.10.11-3 - ethereal cleanup, patch by Steve Grubb <sgrubb at redhat.com> (#159107) - few more cleanups Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 19321 published 2005-07-31 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/19321 title Fedora Core 4 : ethereal-0.10.12-1.FC4.1 (2005-655) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2005-687.NASL description Updated Ethereal packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ethereal package is a program for monitoring network traffic. A number of security flaws have been discovered in Ethereal. On a system where Ethereal is running, a remote attacker could send malicious packets to trigger these flaws and cause Ethereal to crash or potentially execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-2360, CVE-2005-2361, CVE-2005-2362, CVE-2005-2363, CVE-2005-2364, CVE-2005-2365, CVE-2005-2366, and CVE-2005-2367 to these issues. Users of ethereal should upgrade to these updated packages, which contain version 0.10.12 which is not vulnerable to these issues. Note: To reduce the risk of future vulnerabilities in Ethereal, the ethereal and tethereal programs in this update have been compiled as Position Independent Executables (PIE) for Red Hat Enterprise Linux 3 and 4. In addition FORTIFY_SOURCE has been enabled for Red Hat Enterprise Linux 4 packages to provide compile time and runtime buffer checks. last seen 2020-06-01 modified 2020-06-02 plugin id 21850 published 2006-07-03 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/21850 title CentOS 3 / 4 : ethereal (CESA-2005:687) NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2005-131.NASL description A number of vulnerabilities were discovered in versions of Ethereal prior to version 0.10.12, including : The SMB dissector could overflow a buffer or exhaust memory (CVE-2005-2365). iDefense discovered that several dissectors are vulnerable to format string overflows (CVE-2005-2367). A number of other portential crash issues in various dissectors have also been corrected. This update provides Ethereal 0.10.12 which is not vulnerable to these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 19891 published 2005-10-05 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/19891 title Mandrake Linux Security Advisory : ethereal (MDKSA-2005:131) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-853.NASL description Several security problems have been discovered in ethereal, a commonly used network traffic analyser. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-2360 Memory allocation errors in the LDAP dissector can cause a denial of service. - CAN-2005-2361 Various errors in the AgentX, PER, DOCSIS, RADIUS, Telnet, IS-IS, HTTP, DCERPC, DHCP and SCTP dissectors can cause a denial of service. - CAN-2005-2363 Various errors in the SMPP, 802.3, H1 and DHCP dissectors can cause a denial of service. - CAN-2005-2364 NULL pointer dereferences in the WBXML and GIOP dissectors can cause a denial of service. - CAN-2005-2365 A buffer overflow and NULL pointer dereferences in the SMB dissector can cause a denial of service. - CAN-2005-2366 Wrong address calculation in the BER dissector can cause an infinite loop or abortion. - CAN-2005-2367 Format string vulnerabilities in several dissectors allow remote attackers to write to arbitrary memory locations and thus gain privileges. last seen 2020-06-01 modified 2020-06-02 plugin id 19961 published 2005-10-11 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/19961 title Debian DSA-853-1 : ethereal - several vulnerabilities NASL family Fedora Local Security Checks NASL id FEDORA_2005-651.NASL description - Thu Jul 28 2005 Jindrich Novy <jnovy at redhat.com> 0.10.12-1.FC3.1 - update to 0.10.12 - package /usr/sbin/randpkt - sync with cleanup patch (most of it applied upstream) - the new release fixes CVE-2005-2361 up to CVE-2005-2367 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 19320 published 2005-07-31 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/19320 title Fedora Core 3 : ethereal-0.10.12-1.FC3.1 (2005-651) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200507-27.NASL description The remote host is affected by the vulnerability described in GLSA-200507-27 (Ethereal: Multiple vulnerabilities) There are numerous vulnerabilities in versions of Ethereal prior to 0.10.12, including: The SMB dissector could overflow a buffer or exhaust memory (CAN-2005-2365). iDEFENSE discovered that several dissectors are vulnerable to format string overflows (CAN-2005-2367). Additionally multiple potential crashes in many dissectors have been fixed, see References for further details. Impact : An attacker might be able to use these vulnerabilities to crash Ethereal or execute arbitrary code with the permissions of the user running Ethereal, which could be the root user. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 19329 published 2005-07-31 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/19329 title GLSA-200507-27 : Ethereal: Multiple vulnerabilities NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2005-687.NASL description Updated Ethereal packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ethereal package is a program for monitoring network traffic. A number of security flaws have been discovered in Ethereal. On a system where Ethereal is running, a remote attacker could send malicious packets to trigger these flaws and cause Ethereal to crash or potentially execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-2360, CVE-2005-2361, CVE-2005-2362, CVE-2005-2363, CVE-2005-2364, CVE-2005-2365, CVE-2005-2366, and CVE-2005-2367 to these issues. Users of ethereal should upgrade to these updated packages, which contain version 0.10.12 which is not vulnerable to these issues. Note: To reduce the risk of future vulnerabilities in Ethereal, the ethereal and tethereal programs in this update have been compiled as Position Independent Executables (PIE) for Red Hat Enterprise Linux 3 and 4. In addition FORTIFY_SOURCE has been enabled for Red Hat Enterprise Linux 4 packages to provide compile time and runtime buffer checks. last seen 2020-06-01 modified 2020-06-02 plugin id 19424 published 2005-08-12 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/19424 title RHEL 2.1 / 3 / 4 : ethereal (RHSA-2005:687)
Oval
| accepted | 2013-04-29T04:03:43.156-04:00 | ||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||
| contributors |
| ||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||
| description | Unknown vulnerability in the (1) AgentX dissector, (2) PER dissector, (3) DOCSIS dissector, (4) SCTP graphs, (5) HTTP dissector, (6) DCERPC, (7) DHCP, (8) RADIUS dissector, (9) Telnet dissector, (10) IS-IS LSP dissector, or (11) NCP dissector in Ethereal 0.8.19 through 0.10.11 allows remote attackers to cause a denial of service (application crash or abort) via unknown attack vectors. | ||||||||||||||||||||
| family | unix | ||||||||||||||||||||
| id | oval:org.mitre.oval:def:10225 | ||||||||||||||||||||
| status | accepted | ||||||||||||||||||||
| submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||||||||||
| title | Unknown vulnerability in the (1) AgentX dissector, (2) PER dissector, (3) DOCSIS dissector, (4) SCTP graphs, (5) HTTP dissector, (6) DCERPC, (7) DHCP, (8) RADIUS dissector, (9) Telnet dissector, (10) IS-IS LSP dissector, or (11) NCP dissector in Ethereal 0.8.19 through 0.10.11 allows remote attackers to cause a denial of service (application crash or abort) via unknown attack vectors. | ||||||||||||||||||||
| version | 26 |
Redhat
| advisories |
| ||||
| rpms |
|
References
- http://secunia.com/advisories/16225/
- http://secunia.com/advisories/16225/
- http://secunia.com/advisories/17102
- http://secunia.com/advisories/17102
- http://www.debian.org/security/2005/dsa-853
- http://www.debian.org/security/2005/dsa-853
- http://www.ethereal.com/appnotes/enpa-sa-00020.html
- http://www.ethereal.com/appnotes/enpa-sa-00020.html
- http://www.gentoo.org/security/en/glsa/glsa-200507-27.xml
- http://www.gentoo.org/security/en/glsa/glsa-200507-27.xml
- http://www.novell.com/linux/security/advisories/2005_19_sr.html
- http://www.novell.com/linux/security/advisories/2005_19_sr.html
- http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html
- http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html
- http://www.redhat.com/support/errata/RHSA-2005-687.html
- http://www.redhat.com/support/errata/RHSA-2005-687.html
- http://www.securityfocus.com/bid/14399
- http://www.securityfocus.com/bid/14399
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10225
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10225