VYPR

Vendor CVEs

Ethereal Group

All CVEs

137 total · sorted by risk
  • CVE-2005-0766May 2, 2005
    risk 0.00cvss epss 0.02

    Unknown vulnerability in the sFlow dissector in Ethereal 0.9.14 through 0.10.9 allows remote attackers to cause a denial of service (application crash).

  • CVE-2005-0008May 2, 2005
    risk 0.00cvss epss 0.02

    Unknown vulnerability in the DNP dissector in Ethereal 0.10.5 through 0.10.8 allows remote attackers to cause "memory corruption."

  • CVE-2005-1281Apr 26, 2005
    risk 0.00cvss epss 0.02

    Ethereal 0.10.10 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4.

  • CVE-2005-0765Mar 12, 2005
    risk 0.00cvss epss 0.02

    Unknown vulnerability in the JXTA dissector in Ethereal 0.10.9 allows remote attackers to cause a denial of service (application crash).

  • CVE-2004-1141Dec 31, 2004
    risk 0.00cvss epss 0.03

    The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows remote attackers to cause a denial of service (application crash) via a certain packet that causes the dissector to access previously-freed memory.

  • CVE-2004-1761Dec 31, 2004
    risk 0.00cvss epss 0.03

    Unknown vulnerability in Ethereal 0.8.13 to 0.10.2 allows attackers to cause a denial of service (segmentation fault) via a malformed color filter file.

  • CVE-2004-1140Dec 31, 2004
    risk 0.00cvss epss 0.03

    Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang) and possibly fill available disk space via an invalid RTP timestamp.

  • CVE-2004-1145Dec 15, 2004
    risk 0.00cvss epss 0.04

    Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read…

  • CVE-2004-1142Dec 15, 2004
    risk 0.00cvss epss 0.02

    Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.

  • CVE-2004-1139Dec 15, 2004
    risk 0.00cvss epss 0.02

    Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).

  • CVE-2004-0634Dec 6, 2004
    risk 0.00cvss epss 0.05

    The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.

  • CVE-2004-0635Dec 6, 2004
    risk 0.00cvss epss 0.05

    The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.

  • CVE-2004-0505Aug 18, 2004
    risk 0.00cvss epss 0.03

    The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause a denial of service (assert error) via unknown attack vectors.

  • CVE-2004-0506Aug 18, 2004
    risk 0.00cvss epss 0.04

    The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of service (crash) via unknown attack vectors that cause a null pointer dereference.

  • CVE-2004-0504Aug 18, 2004
    risk 0.00cvss epss 0.03

    Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash) via certain SIP messages between Hotsip servers and clients.

  • CVE-2004-0367May 4, 2004
    risk 0.00cvss epss 0.05

    Ethereal 0.10.1 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a zero-length Presentation protocol selector.

  • CVE-2003-1012Jan 5, 2004
    risk 0.00cvss epss 0.03

    The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets.

  • CVE-2003-0926Dec 1, 2003
    risk 0.00cvss epss 0.03

    Ethereal 0.9.15 and earlier, and Tethereal, allows remote attackers to cause a denial of service (crash) via certain malformed (1) ISAKMP or (2) MEGACO packets.

  • CVE-2003-0925Dec 1, 2003
    risk 0.00cvss epss 0.06

    Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string.

  • CVE-2003-0927Dec 1, 2003
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector.

  • CVE-2003-0430Jul 24, 2003
    risk 0.00cvss epss 0.02

    The SPNEGO dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (crash) via an invalid ASN.1 value.

  • CVE-2003-0431Jul 24, 2003
    risk 0.00cvss epss 0.02

    The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences.

  • CVE-2003-0429Jul 24, 2003
    risk 0.00cvss epss 0.05

    The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via invalid IPv4 or IPv6 prefix lengths, possibly triggering a buffer overflow.

  • CVE-2003-0432Jul 24, 2003
    risk 0.00cvss epss 0.02

    Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS, (4) 802.11, (5) ISAKMP, (6) WSP, (7) CLNP, (8) ISIS, and (9) RMI dissectors.

  • CVE-2003-0428Jul 24, 2003
    risk 0.00cvss epss 0.04

    Unknown vulnerability in the DCERPC (DCE/RPC) dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (memory consumption) via a certain NDR string.

  • CVE-2003-0159Apr 2, 2003
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in the NTLMSSP code for Ethereal 0.9.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.

  • CVE-2003-0081Mar 18, 2003
    risk 0.00cvss epss 0.06

    Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers.

  • CVE-2002-1356Dec 23, 2002
    risk 0.00cvss epss 0.03

    Ethereal 0.9.7 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed packets to the (1) LMP, (2) PPP, or (3) TDS dissectors, possibly related to a missing field for EndVerifyAck messages.

  • CVE-2002-1355Dec 23, 2002
    risk 0.00cvss epss 0.02

    Multiple integer signedness errors in the BGP dissector in Ethereal 0.9.7 and earlier allow remote attackers to cause a denial of service (infinite loop) via malformed messages.

  • CVE-2002-0834Sep 24, 2002
    risk 0.00cvss epss 0.02

    Buffer overflow in the ISIS dissector for Ethereal 0.9.5 and earlier allows remote attackers to cause a denial of service or execute arbitrary code via malformed packets.

  • CVE-2002-0821Aug 12, 2002
    risk 0.00cvss epss 0.03

    Buffer overflows in Ethereal 0.9.4 and earlier allow remote attackers to cause a denial of service or execute arbitrary code via (1) the BGP dissector, or (2) the WCP dissector.

  • CVE-2002-0822Aug 12, 2002
    risk 0.00cvss epss 0.01

    Ethereal 0.9.4 and earlier allows remote attackers to cause a denial of service and possibly excecute arbitrary code via the (1) SOCKS, (2) RSVP, (3) AFS, or (4) LMP dissectors, which can be caused to core dump.

  • CVE-2002-0353Jun 25, 2002
    risk 0.00cvss epss 0.03

    The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possibly due to zero-length fields.

  • CVE-2002-0404Jun 18, 2002
    risk 0.00cvss epss 0.02

    Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (memory consumption).

  • CVE-2002-0403Jun 18, 2002
    risk 0.00cvss epss 0.02

    DNS dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet that causes Ethereal to enter an infinite loop.

  • CVE-2002-0402Jun 18, 2002
    risk 0.00cvss epss 0.05

    Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code while Ethereal is parsing keysyms.

  • CVE-1999-1227Jul 30, 1999
    risk 0.00cvss epss 0.00

    Ethereal allows local users to overwrite arbitrary files via a symlink attack on the packet capture file.

Page 3 of 3