Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-3243

7 documents6 sources
Severity
7.5HIGH
EPSS
20.2%
top 4.49%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Ethereal Group Ethereal
Timeline
PublishedOct 27
Latest updateMay 1

Description

Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

â–¶NVDethereal_group/ethereal29 versions+28

Patches

Patch: www.ethereal.com ↗Patch: www.ethereal.com ↗

🔴Vulnerability Details

2
GHSA
GHSA-jv4m-p277-gxhh: Multiple buffer overflows in Ethereal 0↗2022-05-01
â–¶
CVEList
CVE-2005-3243: Multiple buffer overflows in Ethereal 0↗2005-10-27
â–¶

💥Exploits & PoCs

1
Exploit-DB
Ethereal 0.9.1 < 0.10.12 SLIMP3 - Remote Buffer Overflow (PoC)↗2005-10-20
â–¶

📋Vendor Advisories

1
Red Hat
security flaw↗2005-10-19
â–¶

💬Community

2
Bugzilla
CVE-2005-3243 security flaw↗2018-08-16
â–¶
Bugzilla
CVE-2005-3241 Multiple ethereal issues (CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3184)↗2005-10-17
â–¶
CVE-2005-3243 (HIGH CVSS 7.5) | Multiple buffer overflows in Ethere | cvebase.io