ID CVE-2005-3184
Summary Buffer overflow vulnerability in the unicode_to_bytes function in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.
References
Vulnerable Configurations
  • cpe:2.3:a:ethereal_group:ethereal:0.10.12
CVSS
Base: 10.0 (as of 21-10-2005 - 09:02)
Impact:
Exploitability:
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: COMPLETE
  Integrity: COMPLETE
  Availability: COMPLETE
nessus via4
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200510-25.NASL
    description The remote host is affected by the vulnerability described in GLSA-200510-25 (Ethereal: Multiple vulnerabilities in protocol dissectors). There are numerous vulnerabilities in versions of Ethereal prior to 0.10.13, including: The SLIMP3 and AgentX dissectors could overflow a buffer (CVE-2005-3243). iDEFENSE discovered a buffer overflow in the SRVLOC dissector (CVE-2005-3184). Multiple potential crashes in many dissectors have been fixed, see References for further details. Furthermore an infinite loop was discovered in the IRC protocol dissector of the 0.10.13 release (CVE-2005-3313).
      Impact: An attacker might be able to use these vulnerabilities to crash Ethereal or execute arbitrary code with the permissions of the user running Ethereal, which could be the root user.
      Workaround: There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 20118
    published 2005-11-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20118
    title GLSA-200510-25 : Ethereal: Multiple vulnerabilities in protocol dissectors
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2005-193.NASL
    description Ethereal 0.10.13 is now available fixing a number of security vulnerabilities in various dissectors:
      - the ISAKMP dissector could exhaust system memory
      - the FC-FCS dissector could exhaust system memory
      - the RSVP dissector could exhaust system memory
      - the ISIS LSP dissector could exhaust system memory
      - the IrDA dissector could crash
      - the SLIMP3 dissector could overflow a buffer
      - the BER dissector was susceptible to an infinite loop
      - the SCSI dissector could dereference a NULL pointer and crash
      - the sFlow dissector could dereference a NULL pointer and crash
      - the RTnet dissector could dereference a NULL pointer and crash
      - the SigComp UDVM could go into an infinite loop or crash
      - the X11 dissector could attempt to divide by zero
      - if SMB transaction payload reassembly is enabled the SMB dissector could crash (by default this is disabled)
      - if the 'Dissect unknown RPC program numbers' option was enabled, the ONC RPC dissector might be able to exhaust system memory (by default this is disabled)
      - the AgentX dissector could overflow a buffer
      - the WSP dissector could free an invalid pointer
      - iDEFENSE discovered a buffer overflow in the SRVLOC dissector
      The new version of Ethereal is provided and corrects all of these issues. An infinite loop in the IRC dissector was also discovered and fixed after the 0.10.13 release. The updated packages include the fix.
      Update: A permissions problem on the /usr/share/ethereal/dtds directory caused errors when ethereal started as a non-root user. This update corrects the problem.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 20435
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20435
    title Mandrake Linux Security Advisory : ethereal (MDKSA-2005:193-2)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2005-809.NASL
    description Updated Ethereal packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ethereal package is a program for monitoring network traffic. A number of security flaws have been discovered in Ethereal. On a system where Ethereal is running, a remote attacker could send malicious packets to trigger these flaws and cause Ethereal to crash or potentially execute arbitrary code. The Common Vulnerabilities and Exposures project has assigned the names CVE-2005-3241, CVE-2005-3242, CVE-2005-3243, CVE-2005-3244, CVE-2005-3245, CVE-2005-3246, CVE-2005-3247, CVE-2005-3248, CVE-2005-3249, and CVE-2005-3184 to these issues. Users of ethereal should upgrade to these updated packages, which contain version 0.10.13 and are not vulnerable to these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 21865
    published 2006-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21865
    title CentOS 3 / 4 : ethereal (CESA-2005:809)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-809.NASL
    description Updated Ethereal packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ethereal package is a program for monitoring network traffic. A number of security flaws have been discovered in Ethereal. On a system where Ethereal is running, a remote attacker could send malicious packets to trigger these flaws and cause Ethereal to crash or potentially execute arbitrary code. The Common Vulnerabilities and Exposures project has assigned the names CVE-2005-3241, CVE-2005-3242, CVE-2005-3243, CVE-2005-3244, CVE-2005-3245, CVE-2005-3246, CVE-2005-3247, CVE-2005-3248, CVE-2005-3249, and CVE-2005-3184 to these issues. Users of ethereal should upgrade to these updated packages, which contain version 0.10.13 and are not vulnerable to these issues.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 20105
    published 2005-10-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20105
    title RHEL 2.1 / 3 / 4 : ethereal (RHSA-2005:809)
oval via4
accepted 2013-04-29T04:01:14.168-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.
family unix
id oval:org.mitre.oval:def:10074
status accepted
submitted 2010-07-09T03:56:16-04:00
title Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.
version 24
redhat via4
advisories
rhsa
id RHSA-2005:809
refmap via4
bid
  • 15148
  • 15158
confirm http://www.ethereal.com/appnotes/enpa-sa-00021.html
fedora FLSA-2006:152922
gentoo GLSA-200510-25
idefense 20051020 Multiple Vendor Ethereal srvloc Buffer Overflow Vulnerability
osvdb 20137
sectrack 1015082
secunia
  • 17254
  • 17286
  • 17327
  • 17377
  • 17392
  • 17480
suse SUSE-SR:2005:025
Last major update 21-08-2010 - 00:33
Published 20-10-2005 - 19:02
Last modified 10-10-2017 - 21:30