CVE-2004-1761
Description
Ethereal 0.8.13 to 0.10.2 has a denial-of-service vulnerability via a malformed color filter file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Ethereal 0.8.13 to 0.10.2 has a denial-of-service vulnerability via a malformed color filter file.
Vulnerability
Ethereal versions 0.8.13 through 0.10.2 contain an unknown vulnerability in the handling of color filter files. A malformed color filter file can trigger a segmentation fault, leading to a denial of service. The vulnerability exists in the color filter parsing code [1][2].
Exploitation
A local attacker can exploit this vulnerability by crafting a malformed color filter file and causing Ethereal to process it. No special network position or authentication is required beyond local access to provide the malformed file to the application [2].
Impact
Successful exploitation results in a segmentation fault, causing Ethereal to crash. This is a denial-of-service condition that can disrupt network analysis activities [2].
Mitigation
Upgrade to Ethereal version 0.10.3 or later, which contains the fix. The upgrade was recommended by the vendor and the CERT/CC as of March 2004 [1][2]. No workarounds were provided in the available references.
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
30cpe:2.3:a:ethereal_group:ethereal:0.10.0:*:*:*:*:*:*:*+ 29 more
- cpe:2.3:a:ethereal_group:ethereal:0.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.10.0a:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.8.13:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.8.14:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.8.15:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.8.16:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.8.17a:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.8.18:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.8.19:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.8.20:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.9.10:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.9.11:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.9.12:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.9.13:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.9.14:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.9.15:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.9.16:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.9.5:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.9.7:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.9.8:*:*:*:*:*:*:*
- cpe:2.3:a:ethereal_group:ethereal:0.9.9:*:*:*:*:*:*:*
- (no CPE)range: >=0.8.13 <=0.10.2
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- secunia.com/advisories/11185nvdPatch
- www.ethereal.com/appnotes/enpa-sa-00013.htmlnvdURL Repurposed
- www.kb.cert.org/vuls/id/695486nvdUS Government Resource
- www.redhat.com/support/errata/RHSA-2004-136.htmlnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/15572nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10013nvd
News mentions
0No linked articles in our index yet.