Vulnerabilities > Ethereal

DATE CVE VULNERABILITY TITLE RISK
2004-05-04 CVE-2004-0365 NULL Pointer Dereference vulnerability in Ethereal
The dissect_attribute_value_pairs function in packet-radius.c for Ethereal 0.8.13 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a malformed RADIUS packet that triggers a null dereference.
network
low complexity
ethereal CWE-476
7.5
2004-01-05 CVE-2003-1013 NULL Pointer Dereference vulnerability in Ethereal
The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.
network
low complexity
ethereal CWE-476
7.5
2003-06-09 CVE-2003-0356 Off-by-one Error vulnerability in Ethereal 0.8.13/0.9.11/0.9.3
Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) AIM, (2) GIOP Gryphon, (3) OSPF, (4) PPTP, (5) Quake, (6) Quake2, (7) Quake3, (8) Rsync, (9) SMB, (10) SMPP, and (11) TSP dissectors, which do not properly use the tvb_get_nstringz and tvb_get_nstringz0 functions.
network
low complexity
ethereal CWE-193
critical
9.8
2002-06-18 CVE-2002-0401 NULL Pointer Dereference vulnerability in multiple products
SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer.
network
low complexity
ethereal debian CWE-476
7.5