Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3184

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2005-3184
Last Modified 21 Aug 2010 12:33:17
Published 20 Oct 2005 07:02:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3184

Summary

Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.

Vulnerable Systems

Application

  • Ethereal Group Ethereal 0.10.12


References

IDEFENSE - 20051020 Multiple Vendor Ethereal srvloc Buffer Overflow Vulnerability

BID - 15158

BID - 15148

REDHAT - RHSA-2005:809

FEDORA - FLSA-2006:152922

OSVDB - 20137

SUSE - SUSE-SR:2005:025

GENTOO - GLSA-200510-25

CONFIRM - http://www.ethereal.com/appnotes/enpa-sa-00021.html

SECTRACK - 1015082

SECUNIA - 17480

SECUNIA - 17392

SECUNIA - 17377

SECUNIA - 17327

SECUNIA - 17286

SECUNIA - 17254


Last Updated: 27 May 2016 10:40:50