CVE-2003-0432 — Group Ethereal vulnerability

5 documents5 sources

Severity

10.0CRITICALNVD

EPSS

0.6%

top 31.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Ethereal Group Ethereal

Timeline

PublishedJul 24

Latest updateMay 3

Description

Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS, (4) 802.11, (5) ISAKMP, (6) WSP, (7) CLNP, (8) ISIS, and (9) RMI dissectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDethereal_group/ethereal0.9.12

Patches

Patch: www.debian.org ↗Patch: www.ethereal.com ↗Patch: www.debian.org ↗

🔴Vulnerability Details

GHSA

GHSA-p845-4v57-x54v: Ethereal 0↗2022-05-03

▶

CVEList

CVE-2003-0432: Ethereal 0↗2003-06-18

▶

📋Vendor Advisories

Red Hat

security flaw↗2003-05-01

▶

💬Community

Bugzilla

CVE-2003-0432 security flaw↗2018-08-16

▶