CVE-2003-0431
published 2003-07-24CVE-2003-0431: The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences.
PriorityP426critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
2.26%
80.8th percentile
The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ethereal_group | ethereal | <= 0.9.12 | — |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat10.0CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-hrr2-5hxg-8fpx: The tvb_get_nstringz0 function in Ethereal 0
ghsa_unreviewed·2022-05-03
CVE-2003-0431 [HIGH] GHSA-hrr2-5hxg-8fpx: The tvb_get_nstringz0 function in Ethereal 0
The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences.
Red Hat
security flaw
vendor_redhat·2003-05-01·CVSS 10.0
CVE-2003-0431 [CRITICAL] security flaw
security flaw
The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences.
No detection rules found.
No public exploits indexed.
ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-030.0.txthttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000662http://secunia.com/advisories/9007http://www.debian.org/security/2003/dsa-324http://www.ethereal.com/appnotes/enpa-sa-00010.htmlhttp://www.redhat.com/support/errata/RHSA-2003-077.htmlhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A101ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-030.0.txthttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000662http://secunia.com/advisories/9007http://www.debian.org/security/2003/dsa-324http://www.ethereal.com/appnotes/enpa-sa-00010.htmlhttp://www.redhat.com/support/errata/RHSA-2003-077.htmlhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A101
2003-07-24
Published