CVE-2005-3651 - Unspecified vulnerability in Ethereal Group Ethereal
Attack vector | UNKNOWN
Attack complexity | UNKNOWN
Privileges required | UNKNOWN
Confidentiality impact | UNKNOWN
Integrity impact | UNKNOWN
Availability impact | UNKNOWN
ethereal-group
nessus
Summary
Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.
Vulnerable Configurations
Nessus
NASL family | Mandriva Local Security Checks
NASL id | MANDRAKE_MDKSA-2006-002.NASL
description | Three vulnerabilities were discovered in Ethereal 0.10.13 : The IRC and GTP dissectors could go into an infinite loop. A buffer overflow was discovered by iDefense in the OSPF dissector. Ethereal has been upgraded to 0.10.14 which does not suffer from these problems.
last seen | 2020-06-01
modified | 2020-06-02
plugin id | 20472
published | 2006-01-15
reporter | This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
source | https://www.tenable.com/plugins/nessus/20472
title | Mandrake Linux Security Advisory : ethereal (MDKSA-2006:002)
code |

    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Mandrake Linux Security Advisory MDKSA-2006:002.
    # The text itself is copyright (C) Mandriva S.A.
    #

    include("compat.inc");

    if (description)
    {
      script_id(20472);
      script_version ("1.17");
      script_cvs_date("Date: 2019/08/02 13:32:48");

      script_cve_id("CVE-2005-3651");
      script_bugtraq_id(15794);
      script_xref(name:"MDKSA", value:"2006:002");

      script_name(english:"Mandrake Linux Security Advisory : ethereal (MDKSA-2006:002)");
      script_summary(english:"Checks rpm output for the updated packages");

      script_set_attribute(
        attribute:"synopsis",
        value:"The remote Mandrake Linux host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description",
        value:"Three vulnerabilities were discovered in Ethereal 0.10.13 : The IRC and GTP dissectors could go into an infinite loop. A buffer overflow was discovered by iDefense in the OSPF dissector. Ethereal has been upgraded to 0.10.14 which does not suffer from these problems."
      );
      # http://www.ethereal.com/appnotes/enpa-sa-00022.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://ethereal.archive.sunet.se/appnotes/enpa-sa-00022.html"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");

      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ethereal");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ethereal-tools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64ethereal0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libethereal0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tethereal");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2006");

      script_set_attribute(attribute:"patch_publication_date", value:"2006/01/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2006/01/15");
      script_end_attributes();

      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");

      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

      exit(0);
    }

    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");

    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);

    flag = 0;
    if (rpm_check(release:"MDK2006.0", reference:"ethereal-0.10.14-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"ethereal-tools-0.10.14-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", cpu:"x86_64", reference:"lib64ethereal0-0.10.14-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", cpu:"i386", reference:"libethereal0-0.10.14-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"tethereal-0.10.14-0.1.20060mdk", yank:"mdk")) flag++;

    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");

NASL family | Gentoo Local Security Checks
NASL id | GENTOO_GLSA-200512-06.NASL
description | The remote host is affected by the vulnerability described in GLSA-200512-06 (Ethereal: Buffer overflow in OSPF protocol dissector) iDEFENSE reported a possible overflow due to the lack of bounds checking in the dissect_ospf_v3_address_prefix() function, part of the OSPF protocol dissector. Impact : An attacker might be able to craft a malicious network flow that would crash Ethereal. It may be possible, though unlikely, to exploit this flaw to execute arbitrary code with the permissions of the user running Ethereal, which could be the root user. Workaround : There is no known workaround at this time.
last seen | 2020-06-01
modified | 2020-06-02
plugin id | 20315
published | 2005-12-15
reporter | This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
source | https://www.tenable.com/plugins/nessus/20315
title | GLSA-200512-06 : Ethereal: Buffer overflow in OSPF protocol dissector

NASL family | Mandriva Local Security Checks
NASL id | MANDRAKE_MDKSA-2005-227.NASL
description | A stack-based buffer overflow was discovered in the OSPF dissector in Ethereal. This could potentially be abused to allow remote attackers to execute arbitrary code via crafted packets. The updated packages have been patched to prevent this problem.
last seen | 2020-06-01
modified | 2020-06-02
plugin id | 20458
published | 2006-01-15
reporter | This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
source | https://www.tenable.com/plugins/nessus/20458
title | Mandrake Linux Security Advisory : ethereal (MDKSA-2005:227)

NASL family | Red Hat Local Security Checks
NASL id | REDHAT-RHSA-2006-0156.NASL
description | Updated Ethereal packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ethereal is a program for monitoring network traffic. Two denial of service bugs were found in Ethereal
last seen | 2020-06-01
modified | 2020-06-02
plugin id | 20480
published | 2006-01-15
reporter | This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source | https://www.tenable.com/plugins/nessus/20480
title | RHEL 2.1 / 3 / 4 : ethereal (RHSA-2006:0156)

NASL family | Debian Local Security Checks
NASL id | DEBIAN_DSA-920.NASL
description | A buffer overflow has been discovered in ethereal, a commonly used network traffic analyser that causes a denial of service and may potentially allow the execution of arbitrary code.
last seen | 2020-06-01
modified | 2020-06-02
plugin id | 22786
published | 2006-10-14
reporter | This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
source | https://www.tenable.com/plugins/nessus/22786
title | Debian DSA-920-1 : ethereal - buffer overflow

NASL family | CentOS Local Security Checks
NASL id | CENTOS_RHSA-2006-0156.NASL
description | Updated Ethereal packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ethereal is a program for monitoring network traffic. Two denial of service bugs were found in Ethereal
last seen | 2020-06-01
modified | 2020-06-02
plugin id | 21883
published | 2006-07-03
reporter | This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source | https://www.tenable.com/plugins/nessus/21883
title | CentOS 3 / 4 : ethereal (CESA-2006:0156)
Oval
accepted | 2013-04-29T04:12:55.230-04:00
class | vulnerability
contributors |
definition_extensions |
description | Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.
family | unix
id | oval:org.mitre.oval:def:11286
status | accepted
submitted | 2010-07-09T03:56:16-04:00
title | Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.
version | 26
Redhat
advisories |
rpms |
References
- http://www.idefense.com/application/poi/display?id=349&type=vulnerabilities
- http://anonsvn.ethereal.com/viewcvs/viewcvs.py/trunk/epan/dissectors/packet-ospf.c
- http://www.securityfocus.com/bid/15794
- http://securitytracker.com/id?1015337
- http://secunia.com/advisories/17973
- http://www.debian.org/security/2005/dsa-920
- http://www.gentoo.org/security/en/glsa/glsa-200512-06.xml
- http://secunia.com/advisories/18012
- http://secunia.com/advisories/18062
- http://www.ethereal.com/appnotes/enpa-sa-00022.html
- http://www.redhat.com/support/errata/RHSA-2006-0156.html
- http://secunia.com/advisories/18426
- ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
- http://secunia.com/advisories/19230
- http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html
- http://secunia.com/advisories/18331
- http://secunia.com/advisories/19012
- http://secunia.com/advisories/18911
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:227
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:002
- http://securityreason.com/securityalert/247
- http://www.vupen.com/english/advisories/2005/2830
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11286