CVE-2002-0353Group Ethereal vulnerability

5 documents5 sources
Severity
5.0MEDIUMNVD
EPSS
1.5%
top 19.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Ethereal Group Ethereal
Timeline
PublishedJun 25
Latest updateApr 30

Description

The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possibly due to zero-length fields.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDethereal_group/ethereal0.9.1, 0.9.2+1

🔴Vulnerability Details

2
GHSA
GHSA-gqhj-52pw-2hjh: The ASN2022-04-30
CVEList
CVE-2002-0353: The ASN2002-05-03

📋Vendor Advisories

1
Red Hat
security flaw2002-03-23

💬Community

1
Bugzilla
CVE-2002-0353 security flaw2018-08-16
CVE-2002-0353 — Ethereal Group Ethereal vulnerability | cvebase