Unrated severityNVD Advisory· Published May 2, 2005· Updated Apr 16, 2026

CVE-2005-0739

Description

The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the dissect_pdus and pduval_to_str functions.

Affected products

Ethereal Group/Ethereal
cpe:2.3:a:ethereal_group:ethereal:*:*:*:*:*:*:*:*
Range: <=0.10.9

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.debian.org/security/2005/dsa-718nvdPatch
www.ethereal.com/appnotes/enpa-sa-00018.htmlnvdPatchURL Repurposed
anonsvn.ethereal.com/viewcvs/viewcvs.pynvdURL Repurposed
marc.infonvd
security.lss.hr/index.phpnvd
www.gentoo.org/security/en/glsa/glsa-200503-16.xmlnvd
www.mandriva.com/security/advisoriesnvd
www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.htmlnvd
www.redhat.com/support/errata/RHSA-2005-306.htmlnvd
www.securityfocus.com/bid/12762nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9687nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.014
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000