Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update to the system as announced in the referenced advisory.
Insight
Insight
The following packages are affected: ethereal ethereal-lite tethereal tethereal-lite CVE-2005-0699 Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values. CVE-2005-0704 Buffer overflow in the Etheric dissector in Ethereal 0.10.7 through 0.10.9 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code. CVE-2005-0705 The GPRS-LLC dissector in Ethereal 0.10.7 through 0.10.9, with the 'ignore cipher bit' option enabled. allows remote attackers to cause a denial of service (application crash). CVE-2005-0739 The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the the dissect_pdus and pduval_to_str functions.
Solution
Solution
Update your system with the appropriate patches or software upgrades. http://www.ethereal.com/appnotes/enpa-sa-00018.html http://www.vuxml.org/freebsd/cb470368-94d2-11d9-a9e0-0001020eed82.html