Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0699

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-0699
Last Modified 21 Aug 2010 12:26:51
Published 08 Mar 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0699

Summary

Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.

Vulnerable Systems

Operating System

  • Altlinux Alt Linux Compact 2.3

  • Altlinux Alt Linux Junior 2.3

  • Conectiva Linux 10.0

  • Conectiva Linux 9.0

  • Redhat Enterprise Linux 2.1

  • Redhat Enterprise Linux 3.0

  • Redhat Enterprise Linux 4.0

  • Redhat Enterprise Linux Desktop 3.0

  • Redhat Enterprise Linux Desktop 4.0

  • Redhat Linux Advanced Workstation 2.1

Application

  • Ethereal Group Ethereal 0.10.3

  • Ethereal Group Ethereal 0.10.4

  • Ethereal Group Ethereal 0.10.5

  • Ethereal Group Ethereal 0.10.6

  • Ethereal Group Ethereal 0.10.7

  • Ethereal Group Ethereal 0.10.8

  • Ethereal Group Ethereal 0.10.9


References

BID - 12759

REDHAT - RHSA-2005:306

CONFIRM - http://www.ethereal.com/appnotes/enpa-sa-00018.html

GENTOO - GLSA-200503-16

BUGTRAQ - 20050308 Ethereal remote buffer overflow

FEDORA - FLSA-2006:152922

MANDRAKE - MDKSA-2005:053

MISC - http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-03-04

BUGTRAQ - 20050314 Ethereal 0.10.9 and below remote root exploit

BUGTRAQ - 20050309 RE: Ethereal remote buffer overflow - addon


Last Updated: 27 May 2016 10:39:54