CVE-2005-3184
published 2005-10-20CVE-2005-3184: Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers…
PriorityP345critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
7.64%
93.8th percentile
Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ethereal_group | ethereal | <= 0.10.12 | — |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat10.0CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
security flaw
vendor_redhat·2005-10-19·CVSS 10.0
CVE-2005-3184 [CRITICAL] security flaw
security flaw
Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.
GHSA
GHSA-6w2p-2q8v-8qwr: Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc
ghsa_unreviewed·2022-05-01
CVE-2005-3184 [HIGH] GHSA-6w2p-2q8v-8qwr: Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc
Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2005-3184 security flaw
bugzilla·2018-08-16·CVSS 10.0
CVE-2005-3184 [CRITICAL] CVE-2005-3184 security flaw
CVE-2005-3184 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.
Bugzilla
CVE-2005-3241 Multiple ethereal issues (CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3184)
bugzilla·2005-10-17·CVSS 10.0
CVE-2005-3241 [CRITICAL] CVE-2005-3241 Multiple ethereal issues (CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3184)
CVE-2005-3241 Multiple ethereal issues (CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3184)
Ethereal 0.10.13 is scheduled to be released, which fixes the following issues:
The ISAKMP dissector could exhaust system memory. (CAN-2005-3241)
Fixed in: r15163
Bug IDs: none
Versions affected: 0.10.11 to 0.10.12.
The FC-FCS dissector could exhaust system memory. (CAN-2005-3241)
Fixed in: r15204
Bug IDs: 312
Versions affected: 0.9.0 to 0.10.12.
The RSVP dissector could exhaust system memory. (CAN-2005-3241)
Fixed in: r15206, r15600
Bug IDs: 311, 314, 382
Versions affected: 0.9.4 to 0.10.12.
The ISIS LSP dissector could exhaust system memory. (CAN-2005-3241)
Fixed in: r15245
Bug IDs: 320, 326
Versions affected: 0.8.18 t
http://secunia.com/advisories/17254http://secunia.com/advisories/17286http://secunia.com/advisories/17327http://secunia.com/advisories/17377http://secunia.com/advisories/17392http://secunia.com/advisories/17480http://securitytracker.com/id?1015082http://www.ethereal.com/appnotes/enpa-sa-00021.htmlhttp://www.gentoo.org/security/en/glsa/glsa-200510-25.xmlhttp://www.idefense.com/application/poi/display?id=323&type=vulnerabilitieshttp://www.novell.com/linux/security/advisories/2005_25_sr.htmlhttp://www.osvdb.org/20137http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.htmlhttp://www.redhat.com/support/errata/RHSA-2005-809.htmlhttp://www.securityfocus.com/bid/15148http://www.securityfocus.com/bid/15158https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10074http://secunia.com/advisories/17254http://secunia.com/advisories/17286http://secunia.com/advisories/17327http://secunia.com/advisories/17377http://secunia.com/advisories/17392http://secunia.com/advisories/17480http://securitytracker.com/id?1015082http://www.ethereal.com/appnotes/enpa-sa-00021.htmlhttp://www.gentoo.org/security/en/glsa/glsa-200510-25.xmlhttp://www.idefense.com/application/poi/display?id=323&type=vulnerabilitieshttp://www.novell.com/linux/security/advisories/2005_25_sr.htmlhttp://www.osvdb.org/20137http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.htmlhttp://www.redhat.com/support/errata/RHSA-2005-809.htmlhttp://www.securityfocus.com/bid/15148http://www.securityfocus.com/bid/15158https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10074
2005-10-20
Published