CVE-2005-3244
published 2005-10-27CVE-2005-3244: The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
PriorityP420medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
3.94%
89.1th percentile
The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-7pv5-vw9g-f4h3: The BER dissector in Ethereal 0
ghsa_unreviewed·2022-05-01
CVE-2005-3244 [MEDIUM] GHSA-7pv5-vw9g-f4h3: The BER dissector in Ethereal 0
The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
Red Hat
security flaw
vendor_redhat·2005-10-19·CVSS 5.0
CVE-2005-3244 [MEDIUM] security flaw
security flaw
The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2005-3244 security flaw
bugzilla·2018-08-16·CVSS 5.0
CVE-2005-3244 [MEDIUM] CVE-2005-3244 security flaw
CVE-2005-3244 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
Bugzilla
CVE-2005-3241 Multiple ethereal issues (CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3184)
bugzilla·2005-10-17·CVSS 10.0
CVE-2005-3241 [CRITICAL] CVE-2005-3241 Multiple ethereal issues (CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3184)
CVE-2005-3241 Multiple ethereal issues (CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3184)
Ethereal 0.10.13 is scheduled to be released, which fixes the following issues:
The ISAKMP dissector could exhaust system memory. (CAN-2005-3241)
Fixed in: r15163
Bug IDs: none
Versions affected: 0.10.11 to 0.10.12.
The FC-FCS dissector could exhaust system memory. (CAN-2005-3241)
Fixed in: r15204
Bug IDs: 312
Versions affected: 0.9.0 to 0.10.12.
The RSVP dissector could exhaust system memory. (CAN-2005-3241)
Fixed in: r15206, r15600
Bug IDs: 311, 314, 382
Versions affected: 0.9.4 to 0.10.12.
The ISIS LSP dissector could exhaust system memory. (CAN-2005-3241)
Fixed in: r15245
Bug IDs: 320, 326
Versions affected: 0.8.18 t
http://secunia.com/advisories/17254http://secunia.com/advisories/17286http://secunia.com/advisories/17327http://secunia.com/advisories/17377http://secunia.com/advisories/17392http://secunia.com/advisories/17480http://secunia.com/advisories/21813http://securitytracker.com/id?1015082http://www.debian.org/security/2006/dsa-1171http://www.ethereal.com/appnotes/enpa-sa-00021.htmlhttp://www.gentoo.org/security/en/glsa/glsa-200510-25.xmlhttp://www.novell.com/linux/security/advisories/2005_25_sr.htmlhttp://www.osvdb.org/20127http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.htmlhttp://www.redhat.com/support/errata/RHSA-2005-809.htmlhttp://www.securityfocus.com/bid/15148https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9665http://secunia.com/advisories/17254http://secunia.com/advisories/17286http://secunia.com/advisories/17327http://secunia.com/advisories/17377http://secunia.com/advisories/17392http://secunia.com/advisories/17480http://secunia.com/advisories/21813http://securitytracker.com/id?1015082http://www.debian.org/security/2006/dsa-1171http://www.ethereal.com/appnotes/enpa-sa-00021.htmlhttp://www.gentoo.org/security/en/glsa/glsa-200510-25.xmlhttp://www.novell.com/linux/security/advisories/2005_25_sr.htmlhttp://www.osvdb.org/20127http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.htmlhttp://www.redhat.com/support/errata/RHSA-2005-809.htmlhttp://www.securityfocus.com/bid/15148https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9665
2005-10-27
Published