Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0176Improper Restriction of Operations within the Bounds of a Memory Buffer in Group Ethereal

8 documents6 sources
Severity
5.0MEDIUMNVD
EPSS
71.0%
top 1.29%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Ethereal Group Ethereal
Timeline
PublishedMay 4
Latest updateApr 29

Description

Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDethereal_group/ethereal24 versions+23

Patches

Patch: www.debian.orgPatch: www.debian.org

🔴Vulnerability Details

2
GHSA
GHSA-rfxc-wgf7-qphr: Multiple buffer overflows in Ethereal 02022-04-29
CVEList
CVE-2004-0176: Multiple buffer overflows in Ethereal 02004-03-25

💥Exploits & PoCs

2
Exploit-DB
Ethereal 0.10.0 < 0.10.2 - IGAP Overflow2004-03-28
Exploit-DB
Ethereal - EIGRP Dissector TLV_IP_INT Long IP Remote Denial of Service2004-03-26

📋Vendor Advisories

1
Red Hat
security flaw2004-03-04

💬Community

2
Bugzilla
CVE-2004-0176 security flaw2018-08-16
Bugzilla
CAN-2004-0176 Ethereal dissector overflows2004-03-12
CVE-2004-0176 — Ethereal Group Ethereal vulnerability | cvebase