ID CVE-2003-1013
Summary The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.
References
Vulnerable Configurations
  • cpe:2.3:a:ethereal_group:ethereal:0.9
    cpe:2.3:a:ethereal_group:ethereal:0.9
  • cpe:2.3:a:ethereal_group:ethereal:0.9.1
    cpe:2.3:a:ethereal_group:ethereal:0.9.1
  • cpe:2.3:a:ethereal_group:ethereal:0.9.2
    cpe:2.3:a:ethereal_group:ethereal:0.9.2
  • cpe:2.3:a:ethereal_group:ethereal:0.9.3
    cpe:2.3:a:ethereal_group:ethereal:0.9.3
  • cpe:2.3:a:ethereal_group:ethereal:0.9.4
    cpe:2.3:a:ethereal_group:ethereal:0.9.4
  • cpe:2.3:a:ethereal_group:ethereal:0.9.5
    cpe:2.3:a:ethereal_group:ethereal:0.9.5
  • cpe:2.3:a:ethereal_group:ethereal:0.9.6
    cpe:2.3:a:ethereal_group:ethereal:0.9.6
  • cpe:2.3:a:ethereal_group:ethereal:0.9.7
    cpe:2.3:a:ethereal_group:ethereal:0.9.7
  • cpe:2.3:a:ethereal_group:ethereal:0.9.8
    cpe:2.3:a:ethereal_group:ethereal:0.9.8
  • cpe:2.3:a:ethereal_group:ethereal:0.9.9
    cpe:2.3:a:ethereal_group:ethereal:0.9.9
  • cpe:2.3:a:ethereal_group:ethereal:0.9.10
    cpe:2.3:a:ethereal_group:ethereal:0.9.10
  • cpe:2.3:a:ethereal_group:ethereal:0.9.11
    cpe:2.3:a:ethereal_group:ethereal:0.9.11
  • cpe:2.3:a:ethereal_group:ethereal:0.9.12
    cpe:2.3:a:ethereal_group:ethereal:0.9.12
  • cpe:2.3:a:ethereal_group:ethereal:0.9.13
    cpe:2.3:a:ethereal_group:ethereal:0.9.13
  • cpe:2.3:a:ethereal_group:ethereal:0.9.14
    cpe:2.3:a:ethereal_group:ethereal:0.9.14
  • cpe:2.3:a:ethereal_group:ethereal:0.9.15
    cpe:2.3:a:ethereal_group:ethereal:0.9.15
  • cpe:2.3:a:ethereal_group:ethereal:0.9.16
    cpe:2.3:a:ethereal_group:ethereal:0.9.16
CVSS
Base: 5.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-407.NASL
    description Several vulnerabilities were discovered upstream in ethereal, a network traffic analyzer. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2003-0925 A buffer overflow allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string. - CAN-2003-0926 Via certain malformed ISAKMP or MEGACO packets remote attackers are able to cause a denial of service (crash). - CAN-2003-0927 A heap-based buffer overflow allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector. - CAN-2003-1012 The SMB dissector allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of selected packets. - CAN-2003-1013 The Q.931 dissector allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 15244
    published 2004-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15244
    title Debian DSA-407-1 : ethereal - buffer overflows
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2004-002.NASL
    description Two vulnerabilities were discovered in versions of Ethereal prior to 0.10.0 that can be exploited to make Ethereal crash by injecting malformed packets onto the wire or by convincing a user to read a malformed packet trace file. The first vulnerability is in the SMB dissector and the second is in the Q.391 dissector. It is not known whether or not these issues could lead to the execution of arbitrary code. The updated packages provide Ethereal 0.10.0 which is not vulnerable to these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 14102
    published 2004-07-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14102
    title Mandrake Linux Security Advisory : ethereal (MDKSA-2004:002)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2004-002.NASL
    description Updated Ethereal packages that fix two security vulnerabilities are now available. Ethereal is a program for monitoring network traffic. Two security issues have been found that affect Ethereal. By exploiting these issues it may be possible to make Ethereal crash by injecting an intentionally malformed packet onto the wire or by convincing someone to read a malformed packet trace file. It is not known if these issues could allow arbitrary code execution. The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-1012 to this issue. The Q.931 dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-1013 to this issue. Users of Ethereal should update to these erratum packages containing Ethereal version 0.10.0, which is not vulnerable to these issues.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 12445
    published 2004-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12445
    title RHEL 2.1 / 3 : ethereal (RHSA-2004:002)
oval via4
  • accepted 2013-04-29T04:01:35.809-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    description The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.
    family unix
    id oval:org.mitre.oval:def:10097
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.
    version 23
  • accepted 2007-04-25T19:53:02.172-04:00
    class vulnerability
    contributors
    • name Jay Beale
      organization Bastille Linux
    • name Matt Busby
      organization The MITRE Corporation
    • name Thomas R. Jones
      organization Maitreya Security
    description The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.
    family unix
    id oval:org.mitre.oval:def:857
    status accepted
    submitted 2004-03-20T12:00:00.000-04:00
    title Ethereal Malformed Q.931 Packet Vulnerability
    version 34
redhat via4
advisories
  • rhsa
    id RHSA-2004:001
  • rhsa
    id RHSA-2004:002
refmap via4
conectiva CLA-2004:801
confirm http://www.ethereal.com/appnotes/enpa-sa-00012.html
debian DSA-407
mandrake MDKSA-2004:002
secunia
  • 10531
  • 10568
  • 10570
sgi
  • 20040103-01-U
  • 20040202-01-U
Last major update 21-08-2010 - 00:17
Published 05-01-2004 - 00:00
Last modified 10-10-2017 - 21:29
Back to Top