Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2004-0176

Published: 04/05/2004 Updated: 14/02/2024
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 510
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Ethereal Group

Vulnerability Summary

Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote malicious users to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors.

Vulnerable Product Search on Vulmon Subscribe to Product

ethereal group ethereal 0.10.1

ethereal group ethereal 0.9.2

ethereal group ethereal 0.9.6

ethereal group ethereal 0.9.5

ethereal group ethereal 0.8.19

ethereal group ethereal 0.10.2

ethereal group ethereal 0.8.18

ethereal group ethereal 0.9.14

ethereal group ethereal 0.9.15

ethereal group ethereal 0.9.10

ethereal group ethereal 0.9.8

ethereal group ethereal 0.9.16

ethereal group ethereal 0.8.13

ethereal group ethereal 0.9.3

ethereal group ethereal 0.10

ethereal group ethereal 0.9.13

ethereal group ethereal 0.9.9

ethereal group ethereal 0.8.14

ethereal group ethereal 0.9.11

ethereal group ethereal 0.9.7

ethereal group ethereal 0.9.4

ethereal group ethereal 0.9.1

ethereal group ethereal 0.9

ethereal group ethereal 0.9.12

Vendor Advisories

Debian Security Advisories: DSA-511-1 ethereal -- buffer overflows
Several buffer overflow vulnerabilities were discovered in ethereal, a network traffic analyzer These vulnerabilities are described in the ethereal advisory "enpa-sa-00013" Of these, only some parts of CAN-2004-0176 affect the version of ethereal in Debian woody CAN-2004-0367 and CAN-2004-0365 are not applicable to this version For the current ...

Exploits

Exploit DB: Ethereal 0.10.0 < 0.10.2 - IGAP Overflow
/* * THE EYE ON SECURITY RESEARCH GROUP - INDIA * Ethereal IGAP Dissector Message Overflow Remote Root exploit * * Copyright 2004 - EOS-India Group * * Authors note: * Shellcode splitting technique: * Due to difficulty involved while following normal exploitation techniques due to shortage of memory space * for our shellcode, we used the ...
Exploit DB: Ethereal - EIGRP Dissector TLV_IP_INT Long IP Remote Denial of Service
/* * Ethereal network protocol analyzer * EIGRP Dissector TLV_IP_INT Long IP Address Overflow * vulnerability * proof of concept code * version 10 (Mar 26 2004) * * by R&amp;#65533;mi Denis-Courmont &lt; ethereal at simphalampin dot com &gt; * www simphalempin com dev * * This vulnerability was found by: * Stefan Esser sesser e-ma ...

References

NVD-CWE-Otherhttp://www.debian.org/security/2004/dsa-511http://security.e-matters.de/advisories/032004.htmlhttp://www.ethereal.com/appnotes/enpa-sa-00013.htmlhttp://security.gentoo.org/glsa/glsa-200403-07.xmlhttp://www.redhat.com/support/errata/RHSA-2004-136.htmlhttp://www.redhat.com/support/errata/RHSA-2004-137.htmlhttp://www.kb.cert.org/vuls/id/119876http://www.kb.cert.org/vuls/id/125156http://www.kb.cert.org/vuls/id/433596http://www.kb.cert.org/vuls/id/591820http://www.kb.cert.org/vuls/id/644886http://www.kb.cert.org/vuls/id/659140http://www.kb.cert.org/vuls/id/740188http://www.kb.cert.org/vuls/id/864884http://www.kb.cert.org/vuls/id/931588http://secunia.com/advisories/11185http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000835http://www.mandriva.com/security/advisories?name=MDKSA-2004:024http://www.osvdb.org/6893http://marc.info/?l=bugtraq&m=108007072215742&w=2http://marc.info/?l=bugtraq&m=108058005324316&w=2http://marc.info/?l=bugtraq&m=108213710306260&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/15569https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A887https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A878https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10187https://www.debian.org/security/./dsa-511https://nvd.nist.govhttps://www.exploit-db.com/exploits/167/https://www.kb.cert.org/vuls/id/433596
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook