← volver
CVE-2005-0739

CVE-2005-0739

EPSS 7.6%
The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the dissect_pdus and pduval_to_str functions.
Productos afectados
n/a · n/a
PoCs públicas encontradas1
exploitdbwww.exploit-db.com/exploits/874no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://anonsvn.ethereal.com/viewcvs/viewcvs.py?view=rev&rev=13707http://marc.info/?l=bugtraq&m=111066805726551&w=2http://security.lss.hr/index.php?page=details&ID=LSS-2005-03-05https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9687http://www.debian.org/security/2005/dsa-718http://www.ethereal.com/appnotes/enpa-sa-00018.htmlhttp://www.gentoo.org/security/en/glsa/glsa-200503-16.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:053http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.htmlhttp://www.redhat.com/support/errata/RHSA-2005-306.htmlhttp://www.securityfocus.com/bid/12762