Vulnerabilities > CVE-2005-3245 - Unspecified vulnerability in Ethereal Group Ethereal
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN ethereal-group
nessus
Summary
Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 to 0.10.12, when the "Dissect unknown RPC program numbers" option is enabled, allows remote attackers to cause a denial of service (memory consumption).
Vulnerable Configurations
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2005-1008.NASL description Ethereal 0.10.13 is scheduled to be released, which fixes the following issues : The ISAKMP dissector could exhaust system memory. (CVE-2005-3241) Fixed in: r15163 Bug IDs: none Versions affected: 0.10.11 to 0.10.12. The FC-FCS dissector could exhaust system memory. (CVE-2005-3241) Fixed in: r15204 Bug IDs: 312 Versions affected: 0.9.0 to 0.10.12. The RSVP dissector could exhaust system memory. (CVE-2005-3241) Fixed in: r15206, r15600 Bug IDs: 311, 314, 382 Versions affected: 0.9.4 to 0.10.12. The ISIS LSP dissector could exhaust system memory. (CVE-2005-3241) Fixed in: r15245 Bug IDs: 320, 326 Versions affected: 0.8.18 to 0.10.12. The IrDA dissector could crash. (CVE-2005-3242) Fixed in: r15265, r15267 Bug IDs: 328, 329, 330, 334, 335, 336 Versions affected: 0.10.0 to 0.10.12. The SLIMP3 dissector could overflow a buffer. (CVE-2005-3243) Fixed in: r15279 Bug IDs: 327 Versions affected: 0.9.1 to 0.10.12. The BER dissector was susceptible to an infinite loop. (CVE-2005-3244) Fixed in: r15292 Bug IDs: none Versions affected: 0.10.3 to 0.10.12. The SCSI dissector could dereference a NULL pointer and crash. (CVE-2005-3246) Fixed in: r15289 Bug IDs: none Versions affected: 0.10.3 to 0.10.12. If the last seen 2020-06-01 modified 2020-06-02 plugin id 20074 published 2005-10-24 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20074 title Fedora Core 3 : ethereal-0.10.13-1.FC3.1 (2005-1008) NASL family Fedora Local Security Checks NASL id FEDORA_2005-1011.NASL description Ethereal 0.10.13 fixes the following issues : The ISAKMP dissector could exhaust system memory. (CVE-2005-3241) Fixed in: r15163 Bug IDs: none Versions affected: 0.10.11 to 0.10.12. The FC-FCS dissector could exhaust system memory. (CVE-2005-3241) Fixed in: r15204 Bug IDs: 312 Versions affected: 0.9.0 to 0.10.12. The RSVP dissector could exhaust system memory. (CVE-2005-3241) Fixed in: r15206, r15600 Bug IDs: 311, 314, 382 Versions affected: 0.9.4 to 0.10.12. The ISIS LSP dissector could exhaust system memory. (CVE-2005-3241) Fixed in: r15245 Bug IDs: 320, 326 Versions affected: 0.8.18 to 0.10.12. The IrDA dissector could crash. (CVE-2005-3242) Fixed in: r15265, r15267 Bug IDs: 328, 329, 330, 334, 335, 336 Versions affected: 0.10.0 to 0.10.12. The SLIMP3 dissector could overflow a buffer. (CVE-2005-3243) Fixed in: r15279 Bug IDs: 327 Versions affected: 0.9.1 to 0.10.12. The BER dissector was susceptible to an infinite loop. (CVE-2005-3244) Fixed in: r15292 Bug IDs: none Versions affected: 0.10.3 to 0.10.12. The SCSI dissector could dereference a NULL pointer and crash. (CVE-2005-3246) Fixed in: r15289 Bug IDs: none Versions affected: 0.10.3 to 0.10.12. If the last seen 2020-06-01 modified 2020-06-02 plugin id 20077 published 2005-10-24 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20077 title Fedora Core 4 : ethereal-0.10.13-1.FC4.2 (2005-1011) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200510-25.NASL description The remote host is affected by the vulnerability described in GLSA-200510-25 (Ethereal: Multiple vulnerabilities in protocol dissectors) There are numerous vulnerabilities in versions of Ethereal prior to 0.10.13, including: The SLIM3 and AgentX dissectors could overflow a buffer (CVE-2005-3243). iDEFENSE discovered a buffer overflow in the SRVLOC dissector (CVE-2005-3184). Multiple potential crashes in many dissectors have been fixed, see References for further details. Furthermore an infinite loop was discovered in the IRC protocol dissector of the 0.10.13 release (CVE-2005-3313). Impact : An attacker might be able to use these vulnerabilities to crash Ethereal or execute arbitrary code with the permissions of the user running Ethereal, which could be the root user. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 20118 published 2005-11-02 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20118 title GLSA-200510-25 : Ethereal: Multiple vulnerabilities in protocol dissectors NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2005-193.NASL description Ethereal 0.10.13 is now available fixing a number of security vulnerabilities in various dissectors : - the ISAKMP dissector could exhaust system memory - the FC-FCS dissector could exhaust system memory - the RSVP dissector could exhaust system memory - the ISIS LSP dissector could exhaust system memory - the IrDA dissector could crash - the SLIMP3 dissector could overflow a buffer - the BER dissector was susceptible to an infinite loop - the SCSI dissector could dereference a NULL pointer and crash - the sFlow dissector could dereference a NULL pointer and crash - the RTnet dissector could dereference a NULL pointer and crash - the SigComp UDVM could go into an infinite loop or crash - the X11 dissector could attempt to divide by zero - if SMB transaction payload reassembly is enabled the SMB dissector could crash (by default this is disabled) - if the last seen 2020-06-01 modified 2020-06-02 plugin id 20435 published 2006-01-15 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/20435 title Mandrake Linux Security Advisory : ethereal (MDKSA-2005:193-2) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2005-809.NASL description Updated Ethereal packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ethereal package is a program for monitoring network traffic. A number of security flaws have been discovered in Ethereal. On a system where Ethereal is running, a remote attacker could send malicious packets to trigger these flaws and cause Ethereal to crash or potentially execute arbitrary code. The Common Vulnerabilities and Exposures project has assigned the names CVE-2005-3241, CVE-2005-3242, CVE-2005-3243, CVE-2005-3244, CVE-2005-3245, CVE-2005-3246, CVE-2005-3247, CVE-2005-3248, CVE-2005-3249, and CVE-2005-3184 to these issues. Users of ethereal should upgrade to these updated packages, which contain version 0.10.13 and are not vulnerable to these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 20105 published 2005-10-28 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/20105 title RHEL 2.1 / 3 / 4 : ethereal (RHSA-2005:809) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2005-809.NASL description Updated Ethereal packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ethereal package is a program for monitoring network traffic. A number of security flaws have been discovered in Ethereal. On a system where Ethereal is running, a remote attacker could send malicious packets to trigger these flaws and cause Ethereal to crash or potentially execute arbitrary code. The Common Vulnerabilities and Exposures project has assigned the names CVE-2005-3241, CVE-2005-3242, CVE-2005-3243, CVE-2005-3244, CVE-2005-3245, CVE-2005-3246, CVE-2005-3247, CVE-2005-3248, CVE-2005-3249, and CVE-2005-3184 to these issues. Users of ethereal should upgrade to these updated packages, which contain version 0.10.13 and are not vulnerable to these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 21865 published 2006-07-03 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/21865 title CentOS 3 / 4 : ethereal (CESA-2005:809)
Oval
| accepted | 2013-04-29T04:11:11.414-04:00 | ||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||
| contributors |
| ||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||
| description | Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 to 0.10.12, when the "Dissect unknown RPC program numbers" option is enabled, allows remote attackers to cause a denial of service (memory consumption). | ||||||||||||||||||||
| family | unix | ||||||||||||||||||||
| id | oval:org.mitre.oval:def:11060 | ||||||||||||||||||||
| status | accepted | ||||||||||||||||||||
| submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||||||||||
| title | Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 to 0.10.12, when the "Dissect unknown RPC program numbers" option is enabled, allows remote attackers to cause a denial of service (memory consumption). | ||||||||||||||||||||
| version | 26 |
Redhat
| advisories |
| ||||
| rpms |
|
References
- http://www.ethereal.com/appnotes/enpa-sa-00021.html
- http://www.gentoo.org/security/en/glsa/glsa-200510-25.xml
- http://secunia.com/advisories/17377
- http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html
- http://www.redhat.com/support/errata/RHSA-2005-809.html
- http://www.securityfocus.com/bid/15148
- http://securitytracker.com/id?1015082
- http://www.novell.com/linux/security/advisories/2005_25_sr.html
- http://secunia.com/advisories/17254
- http://secunia.com/advisories/17286
- http://secunia.com/advisories/17327
- http://secunia.com/advisories/17392
- http://secunia.com/advisories/17480
- http://www.osvdb.org/20129
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11060