CVE-2005-0699

6 documents5 sources

Severity

7.5HIGH

EPSS

3.5%

top 12.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Altlinux ALT Linux Conectiva Linux Ethereal Group Ethereal +3 more

Timeline

PublishedMar 8

Latest updateMay 1

Description

Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages5 packages

▶NVDethereal_group/ethereal7 versions+6

▶NVDconectiva/linux10.0, 9.0+1

▶NVDaltlinux/alt_linuxcompact_2.3, junior_2.3+1

▶NVDredhat/enterprise_linux_desktop3.0, 4.0+1

▶NVDredhat/linux_advanced_workstation2.1

Also affects: Enterprise Linux 2.1, 3.0, 4.0

Patches

Patch: security.gentoo.org ↗Patch: www.ethereal.com ↗Patch: www.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-7954-wg84-v522: Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11↗2022-05-01

▶

CVEList

CVE-2005-0699: Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11↗2005-03-09

▶

📋Vendor Advisories

Red Hat

security flaw↗2005-03-11

▶

💬Community

Bugzilla

CVE-2005-0699 security flaw↗2018-08-16

▶