MitreCVE-2005-3184

HistoryOct 20, 2005 - 11:02 p.m.

CVE-2005-3184

2005-10-2023:02:00

mitre

web.nvd.nist.gov

cve-2005-3184

buffer overflow

ethereal

srvloc dissector

nvd

service location protocol

srvloc packet

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.083

Percentile

94.4%

JSON

Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.

Affected configurations

Nvd

Node

ethereal_groupetherealRange≤0.10.12

VendorProductVersionCPE
ethereal_groupetherealcpe:/a:ethereal_group:ethereal::::

Vendor	Product	Version	CPE
ethereal_group	ethereal		cpe:/a:ethereal_group:ethereal::::

References

secunia.com/advisories/17254

secunia.com/advisories/17286

secunia.com/advisories/17327

secunia.com/advisories/17377

secunia.com/advisories/17392

secunia.com/advisories/17480

securitytracker.com/id?1015082

www.ethereal.com/appnotes/enpa-sa-00021.html

www.gentoo.org/security/en/glsa/glsa-200510-25.xml

www.idefense.com/application/poi/display?id=323&type=vulnerabilities

www.novell.com/linux/security/advisories/2005_25_sr.html

www.osvdb.org/20137

www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html

www.redhat.com/support/errata/RHSA-2005-809.html

www.securityfocus.com/bid/15148

www.securityfocus.com/bid/15158

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10074

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.083

Percentile

94.4%

JSON

Related for CVE-2005-3184