CVE-2005-3243
published 2005-10-27CVE-2005-3243: Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2)…
PriorityP347high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
10.83%
95.3th percentile
Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector.
Affected
29 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-jv4m-p277-gxhh: Multiple buffer overflows in Ethereal 0
ghsa_unreviewed·2022-05-01
CVE-2005-3243 [HIGH] GHSA-jv4m-p277-gxhh: Multiple buffer overflows in Ethereal 0
Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector.
Red Hat
security flaw
vendor_redhat·2005-10-19·CVSS 7.5
CVE-2005-3243 [HIGH] security flaw
security flaw
Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector.
No detection rules found.
Bugzilla
CVE-2005-3243 security flaw
bugzilla·2018-08-16·CVSS 7.5
CVE-2005-3243 [HIGH] CVE-2005-3243 security flaw
CVE-2005-3243 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector.
Bugzilla
CVE-2005-3241 Multiple ethereal issues (CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3184)
bugzilla·2005-10-17·CVSS 10.0
CVE-2005-3241 [CRITICAL] CVE-2005-3241 Multiple ethereal issues (CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3184)
CVE-2005-3241 Multiple ethereal issues (CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3184)
Ethereal 0.10.13 is scheduled to be released, which fixes the following issues:
The ISAKMP dissector could exhaust system memory. (CAN-2005-3241)
Fixed in: r15163
Bug IDs: none
Versions affected: 0.10.11 to 0.10.12.
The FC-FCS dissector could exhaust system memory. (CAN-2005-3241)
Fixed in: r15204
Bug IDs: 312
Versions affected: 0.9.0 to 0.10.12.
The RSVP dissector could exhaust system memory. (CAN-2005-3241)
Fixed in: r15206, r15600
Bug IDs: 311, 314, 382
Versions affected: 0.9.4 to 0.10.12.
The ISIS LSP dissector could exhaust system memory. (CAN-2005-3241)
Fixed in: r15245
Bug IDs: 320, 326
Versions affected: 0.8.18 t
http://secunia.com/advisories/17254http://secunia.com/advisories/17286http://secunia.com/advisories/17327http://secunia.com/advisories/17377http://secunia.com/advisories/17392http://secunia.com/advisories/17480http://secunia.com/advisories/21813http://securitytracker.com/id?1015082http://www.debian.org/security/2006/dsa-1171http://www.ethereal.com/appnotes/enpa-sa-00021.htmlhttp://www.frsirt.com/exploits/20051020.ethereal_slimp3_bof.py.phphttp://www.gentoo.org/security/en/glsa/glsa-200510-25.xmlhttp://www.novell.com/linux/security/advisories/2005_25_sr.htmlhttp://www.osvdb.org/20126http://www.osvdb.org/20135http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.htmlhttp://www.redhat.com/support/errata/RHSA-2005-809.htmlhttp://www.securityfocus.com/bid/15148https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9836http://secunia.com/advisories/17254http://secunia.com/advisories/17286http://secunia.com/advisories/17327http://secunia.com/advisories/17377http://secunia.com/advisories/17392http://secunia.com/advisories/17480http://secunia.com/advisories/21813http://securitytracker.com/id?1015082http://www.debian.org/security/2006/dsa-1171http://www.ethereal.com/appnotes/enpa-sa-00021.htmlhttp://www.frsirt.com/exploits/20051020.ethereal_slimp3_bof.py.phphttp://www.gentoo.org/security/en/glsa/glsa-200510-25.xmlhttp://www.novell.com/linux/security/advisories/2005_25_sr.htmlhttp://www.osvdb.org/20126http://www.osvdb.org/20135http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.htmlhttp://www.redhat.com/support/errata/RHSA-2005-809.htmlhttp://www.securityfocus.com/bid/15148https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9836
2005-10-27
Published