CVE-2005-0006
published 2005-05-02CVE-2005-0006: The COPS dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (infinite loop).
PriorityP421medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
3.64%
88.2th percentile
The COPS dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (infinite loop).
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-5wr7-jp9j-74x2: The COPS dissector in Ethereal 0
ghsa_unreviewed·2022-05-01
CVE-2005-0006 [MEDIUM] GHSA-5wr7-jp9j-74x2: The COPS dissector in Ethereal 0
The COPS dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (infinite loop).
Red Hat
security flaw
vendor_redhat·2005-01-19·CVSS 5.0
CVE-2005-0006 [MEDIUM] security flaw
security flaw
The COPS dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (infinite loop).
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2018-8956 ntp: ntpd allows remote attackers to prevent a broadcast client from synchronizing its clock
bugzilla·2020-06-18·CVSS 5.3
CVE-2018-8956 [MEDIUM] CVE-2018-8956 ntp: ntpd allows remote attackers to prevent a broadcast client from synchronizing its clock
CVE-2018-8956 ntp: ntpd allows remote attackers to prevent a broadcast client from synchronizing its clock
ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via spoofed mode 3 and mode 5 packets. The attacker must either be a part of the same broadcast network or control a slave in that broadcast network that can capture certain required packets on the attacker's behalf and send them to the attacker.
References:
https://arxiv.org/abs/2005.01783
https://nikhiltripathi.in/NTP_attack.pdf
https://security.netapp.com/advisory/ntap-20200518-0006/
Discussion:
Created ntp tracking bugs for this issue:
Affects: fedora-all [bug 1848590]
---
Statement:
As per the researcher this
Bugzilla
CVE-2005-0006 security flaw
bugzilla·2018-08-16·CVSS 5.0
CVE-2005-0006 [MEDIUM] CVE-2005-0006 security flaw
CVE-2005-0006 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
The COPS dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (infinite loop).
http://secunia.com/advisories/13946/http://www.ciac.org/ciac/bulletins/p-106.shtmlhttp://www.ethereal.com/appnotes/enpa-sa-00017.htmlhttp://www.gentoo.org/security/en/glsa/glsa-200501-27.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:013http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.htmlhttp://www.redhat.com/support/errata/RHSA-2005-011.htmlhttp://www.redhat.com/support/errata/RHSA-2005-037.htmlhttp://www.securityfocus.com/bid/12326https://exchange.xforce.ibmcloud.com/vulnerabilities/18999https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10801http://secunia.com/advisories/13946/http://www.ciac.org/ciac/bulletins/p-106.shtmlhttp://www.ethereal.com/appnotes/enpa-sa-00017.htmlhttp://www.gentoo.org/security/en/glsa/glsa-200501-27.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:013http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.htmlhttp://www.redhat.com/support/errata/RHSA-2005-011.htmlhttp://www.redhat.com/support/errata/RHSA-2005-037.htmlhttp://www.securityfocus.com/bid/12326https://exchange.xforce.ibmcloud.com/vulnerabilities/18999https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10801
2005-05-02
Published