CVE-2003-0925Improper Restriction of Operations within the Bounds of a Memory Buffer in Group Ethereal

6 documents5 sources
Severity
7.5HIGHNVD
EPSS
2.8%
top 13.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Ethereal Group Ethereal
Timeline
PublishedDec 1
Latest updateApr 29

Description

Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDethereal_group/ethereal16 versions+15

Patches

Patch: www.ethereal.comPatch: www.redhat.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-f86f-3g5x-82q5: Buffer overflow in Ethereal 02022-04-29
CVEList
CVE-2003-0925: Buffer overflow in Ethereal 02003-11-06

📋Vendor Advisories

1
Red Hat
security flaw2003-11-03

💬Community

2
Bugzilla
CVE-2003-0925 security flaw2018-08-16
Bugzilla
CAN-2003-0925/6/7 Ethereal 0.9.13 has three exploitable security issues2003-11-05
CVE-2003-0925 — Ethereal Group Ethereal vulnerability | cvebase