Vulnerabilities > CVE-2005-3651 - Unspecified vulnerability in Ethereal Group Ethereal

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.

Nessus

  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2006-002.NASL
    descriptionThree vulnerabilities were discovered in Ethereal 0.10.13 : The IRC and GTP dissectors could go into an infinite loop. A buffer overflow was discovered by iDefense in the OSPF dissector. Ethereal has been upgraded to 0.10.14 which does not suffer from these problems.
    last seen2020-06-01
    modified2020-06-02
    plugin id20472
    published2006-01-15
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/20472
    titleMandrake Linux Security Advisory : ethereal (MDKSA-2006:002)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandrake Linux Security Advisory MDKSA-2006:002. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(20472);
      script_version ("1.17");
      script_cvs_date("Date: 2019/08/02 13:32:48");
    
      script_cve_id("CVE-2005-3651");
      script_bugtraq_id(15794);
      script_xref(name:"MDKSA", value:"2006:002");
    
      script_name(english:"Mandrake Linux Security Advisory : ethereal (MDKSA-2006:002)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandrake Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Three vulnerabilities were discovered in Ethereal 0.10.13 :
    
    The IRC and GTP dissectors could go into an infinite loop.
    
    A buffer overflow was discovered by iDefense in the OSPF dissector.
    
    Ethereal has been upgraded to 0.10.14 which does not suffer from these
    problems."
      );
      # http://www.ethereal.com/appnotes/enpa-sa-00022.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://ethereal.archive.sunet.se/appnotes/enpa-sa-00022.html"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ethereal");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ethereal-tools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64ethereal0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libethereal0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tethereal");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2006");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2006/01/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2006/01/15");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK2006.0", reference:"ethereal-0.10.14-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"ethereal-tools-0.10.14-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", cpu:"x86_64", reference:"lib64ethereal0-0.10.14-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", cpu:"i386", reference:"libethereal0-0.10.14-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"tethereal-0.10.14-0.1.20060mdk", yank:"mdk")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200512-06.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200512-06 (Ethereal: Buffer overflow in OSPF protocol dissector) iDEFENSE reported a possible overflow due to the lack of bounds checking in the dissect_ospf_v3_address_prefix() function, part of the OSPF protocol dissector. Impact : An attacker might be able to craft a malicious network flow that would crash Ethereal. It may be possible, though unlikely, to exploit this flaw to execute arbitrary code with the permissions of the user running Ethereal, which could be the root user. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id20315
    published2005-12-15
    reporterThis script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/20315
    titleGLSA-200512-06 : Ethereal: Buffer overflow in OSPF protocol dissector
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2005-227.NASL
    descriptionA stack-based buffer overflow was discovered in the OSPF dissector in Ethereal. This could potentially be abused to allow remote attackers to execute arbitrary code via crafted packets. The updated packages have been patched to prevent this problem.
    last seen2020-06-01
    modified2020-06-02
    plugin id20458
    published2006-01-15
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/20458
    titleMandrake Linux Security Advisory : ethereal (MDKSA-2005:227)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2006-0156.NASL
    descriptionUpdated Ethereal packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ethereal is a program for monitoring network traffic. Two denial of service bugs were found in Ethereal
    last seen2020-06-01
    modified2020-06-02
    plugin id20480
    published2006-01-15
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/20480
    titleRHEL 2.1 / 3 / 4 : ethereal (RHSA-2006:0156)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-920.NASL
    descriptionA buffer overflow has been discovered in ethereal, a commonly used network traffic analyser that causes a denial of service and may potentially allow the execution of arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id22786
    published2006-10-14
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22786
    titleDebian DSA-920-1 : ethereal - buffer overflow
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2006-0156.NASL
    descriptionUpdated Ethereal packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ethereal is a program for monitoring network traffic. Two denial of service bugs were found in Ethereal
    last seen2020-06-01
    modified2020-06-02
    plugin id21883
    published2006-07-03
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/21883
    titleCentOS 3 / 4 : ethereal (CESA-2006:0156)

Oval

accepted2013-04-29T04:12:55.230-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
    ovaloval:org.mitre.oval:def:11782
  • commentCentOS Linux 3.x
    ovaloval:org.mitre.oval:def:16651
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
    ovaloval:org.mitre.oval:def:11831
  • commentCentOS Linux 4.x
    ovaloval:org.mitre.oval:def:16636
  • commentOracle Linux 4.x
    ovaloval:org.mitre.oval:def:15990
descriptionStack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.
familyunix
idoval:org.mitre.oval:def:11286
statusaccepted
submitted2010-07-09T03:56:16-04:00
titleStack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.
version26

Redhat

advisories
rhsa
idRHSA-2006:0156
rpms
  • ethereal-0:0.10.14-1.EL3.1
  • ethereal-debuginfo-0:0.10.14-1.EL3.1
  • ethereal-gnome-0:0.10.14-1.EL3.1