Vulnerability CVE-2005-0699


Published: 2005-03-08   Modified: 2012-02-12

Description:
Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.

Vendor: Altlinux
Product: Alt linux 
Version: junior_2.3; compact_2.3;
Vendor: Conectiva
Product: Linux 
Version: 9.0; 10.0;
Vendor: Redhat
Product: Enterprise linux 
Version:
4.0
3.0
2.1
Product: Enterprise linux desktop 
Version: 4.0; 3.0;
Product: Linux advanced workstation 
Version: 2.1;
Vendor: Ethereal group
Product: Ethereal 
Version:
0.10.9
0.10.8
0.10.7
0.10.6
0.10.5
0.10.4
0.10.3

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
http://marc.info/?l=bugtraq&m=111038641832400&w=2
http://marc.info/?l=bugtraq&m=111083125521813&w=2
http://security.gentoo.org/glsa/glsa-200503-16.xml
http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-03-04
http://www.ethereal.com/appnotes/enpa-sa-00018.html
http://www.mandriva.com/security/advisories?name=MDKSA-2005:053
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html
http://www.redhat.com/support/errata/RHSA-2005-306.html
http://www.securityfocus.com/archive/1/392659
http://www.securityfocus.com/bid/12759
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10147

Related CVE
CVE-2010-1455
The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file.
CVE-2007-6118
The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors.
CVE-2007-6120
The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
CVE-2007-6121
Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet.
CVE-2007-6111
Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP dissector.
CVE-2006-3628
Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissec...
CVE-2006-3629
Unspecified vulnerability in the MOUNT dissector in Wireshark (aka Ethereal) 0.9.4 to 0.99.0 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
CVE-2006-3632
Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector.

Copyright 2019, cxsecurity.com

 

Back to Top