ID CVE-2005-0807
Summary Multiple buffer overflows in Cain & Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID field that is not properly handled by the PSK sniffer filter, (2) the HTTP sniffer filter, or the (3) POP3, (4) SMTP, (5) IMAP, (6) NNTP, or (7) TDS sniffer filters.
References
Vulnerable Configurations
  • cpe:2.3:a:oxid:cain_and_abel:2.5:*:*:*:*:*:*:*
    cpe:2.3:a:oxid:cain_and_abel:2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oxid:cain_and_abel:2.5_beta21:*:*:*:*:*:*:*
    cpe:2.3:a:oxid:cain_and_abel:2.5_beta21:*:*:*:*:*:*:*
  • cpe:2.3:a:oxid:cain_and_abel:2.5_beta29:*:*:*:*:*:*:*
    cpe:2.3:a:oxid:cain_and_abel:2.5_beta29:*:*:*:*:*:*:*
  • cpe:2.3:a:oxid:cain_and_abel:2.5_beta34:*:*:*:*:*:*:*
    cpe:2.3:a:oxid:cain_and_abel:2.5_beta34:*:*:*:*:*:*:*
  • cpe:2.3:a:oxid:cain_and_abel:2.5_beta36:*:*:*:*:*:*:*
    cpe:2.3:a:oxid:cain_and_abel:2.5_beta36:*:*:*:*:*:*:*
  • cpe:2.3:a:oxid:cain_and_abel:2.5_beta40:*:*:*:*:*:*:*
    cpe:2.3:a:oxid:cain_and_abel:2.5_beta40:*:*:*:*:*:*:*
  • cpe:2.3:a:oxid:cain_and_abel:2.5_beta41:*:*:*:*:*:*:*
    cpe:2.3:a:oxid:cain_and_abel:2.5_beta41:*:*:*:*:*:*:*
  • cpe:2.3:a:oxid:cain_and_abel:2.5_beta47:*:*:*:*:*:*:*
    cpe:2.3:a:oxid:cain_and_abel:2.5_beta47:*:*:*:*:*:*:*
  • cpe:2.3:a:oxid:cain_and_abel:2.5_beta51:*:*:*:*:*:*:*
    cpe:2.3:a:oxid:cain_and_abel:2.5_beta51:*:*:*:*:*:*:*
  • cpe:2.3:a:oxid:cain_and_abel:2.5_beta56:*:*:*:*:*:*:*
    cpe:2.3:a:oxid:cain_and_abel:2.5_beta56:*:*:*:*:*:*:*
  • cpe:2.3:a:oxid:cain_and_abel:2.5_beta59:*:*:*:*:*:*:*
    cpe:2.3:a:oxid:cain_and_abel:2.5_beta59:*:*:*:*:*:*:*
  • cpe:2.3:a:oxid:cain_and_abel:2.5_beta65:*:*:*:*:*:*:*
    cpe:2.3:a:oxid:cain_and_abel:2.5_beta65:*:*:*:*:*:*:*
  • cpe:2.3:a:oxid:cain_and_abel:2.65:*:*:*:*:*:*:*
    cpe:2.3:a:oxid:cain_and_abel:2.65:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 11-07-2017 - 01:32)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 12840
bugtraq 20050318 Cain & Abel PSK Sniffer Heap overflow
confirm http://www.oxid.it/
sectrack 1013476
secunia 14630
xf
  • cain-abel-http-filter-bo(19744)
  • cain-abel-ikepsk-bo(19742)
Last major update 11-07-2017 - 01:32
Published 02-05-2005 - 04:00
Back to Top