Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1355

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-1355
Last Modified 05 Sep 2008 04:30:22
Published 23 Dec 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1355

Summary

Multiple integer signedness errors in the BGP dissector in Ethereal 0.9.7 and earlier allow remote attackers to cause a denial of service (infinite loop) via malformed messages.

Vulnerable Systems

Application

  • Ethereal Group Ethereal 0.9.7


References

REDHAT - RHSA-2002:290

CONFIRM - http://www.ethereal.com/appnotes/enpa-sa-00007.html

CONFIRM - http://www.ethereal.com/cgi-bin/viewcvs.cgi/ethereal/packet-bgp.c.diff?r1=1.68&r2=1.69


Last Updated: 27 May 2016 10:37:17