Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-1461

6 documents, 6 sources
Severity: 7.5 HIGH
EPSS: 12.3% (top 6.13%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Affected products
Timeline
Published: May 5
Latest update: May 1

Description

Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (8) X.509, (9) ISIS, (10) DISTCC, (11) FCELS, (12) Q.931, (13) NCP, (14) TCAP, (15) ISUP, (16) MEGACO, (17) PKIX1Explicit, (18) PKIX_Qualified, (19) Presentation dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.

CVSS vector

AV:N/AC:L/C:P/I:P/A:P
Exploitability: 10.0 | Impact: 6.4

Affected Packages (1 package)

NVD: ethereal_group/ethereal (35 versions)

🔴 Vulnerability Details (2)

GHSA: GHSA-rx2v-m79x-75xc: Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (8) X… (2022-05-01)
CVEList: CVE-2005-1461: Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (8) X… (2005-05-05)

💥 Exploits & PoCs (1)

Exploit-DB: Ethereal 0.10.10 - 'SIP' Protocol Dissector Remote Buffer Overflow (2005-05-31)

📋 Vendor Advisories (1)

Red Hat: security flaw (2005-05-04)

💬 Community (1)

Bugzilla: CVE-2005-1461 security flaw (2018-08-16)