Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2367

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2367
Last Modified 21 Aug 2010 12:31:08
Published 10 Aug 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2367

Summary

Format string vulnerability in the proto_item_set_text function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet.

Vulnerable Systems

Application

  • Ethereal Group Ethereal 0.10.0

  • Ethereal Group Ethereal 0.10.1

  • Ethereal Group Ethereal 0.10.10

  • Ethereal Group Ethereal 0.10.11

  • Ethereal Group Ethereal 0.10.2

  • Ethereal Group Ethereal 0.10.3

  • Ethereal Group Ethereal 0.10.4

  • Ethereal Group Ethereal 0.10.5

  • Ethereal Group Ethereal 0.10.6

  • Ethereal Group Ethereal 0.10.7

  • Ethereal Group Ethereal 0.10.8

  • Ethereal Group Ethereal 0.10.9

  • Ethereal Group Ethereal 0.9.10

  • Ethereal Group Ethereal 0.9.11

  • Ethereal Group Ethereal 0.9.12

  • Ethereal Group Ethereal 0.9.13

  • Ethereal Group Ethereal 0.9.14

  • Ethereal Group Ethereal 0.9.15

  • Ethereal Group Ethereal 0.9.16

  • Ethereal Group Ethereal 0.9.4

  • Ethereal Group Ethereal 0.9.5

  • Ethereal Group Ethereal 0.9.6

  • Ethereal Group Ethereal 0.9.7

  • Ethereal Group Ethereal 0.9.8

  • Ethereal Group Ethereal 0.9.9


References

MANDRAKE - MDKSA-2005:131

GENTOO - GLSA-200507-27

CONFIRM - http://www.ethereal.com/appnotes/enpa-sa-00020.html

IDEFENSE - 20050805 Multiple Vendor Ethereal AFP Protocol Dissector Format String Vulnerability

BID - 14399

REDHAT - RHSA-2005:687

FEDORA - FLSA-2006:152922

SUSE - SUSE-SR:2005:019

SUSE - SUSE-SR:2005:018

DEBIAN - DSA-853

SECUNIA - 17102

SECUNIA - 16225


Last Updated: 27 May 2016 10:40:30