CVE-2005-3651
published 2005-12-10CVE-2005-3651: Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions…
PriorityP341high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
6.20%
92.6th percentile
Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.
Affected
39 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-5c39-44xr-89vv: Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0
ghsa_unreviewed·2022-05-03
CVE-2005-3651 [HIGH] GHSA-5c39-44xr-89vv: Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0
Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.
Red Hat
security flaw
vendor_redhat·2005-12-09·CVSS 7.5
CVE-2005-3651 [HIGH] security flaw
security flaw
Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2005-3651 security flaw
bugzilla·2018-08-16·CVSS 7.5
CVE-2005-3651 [HIGH] CVE-2005-3651 security flaw
CVE-2005-3651 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.
Bugzilla
CVE-2005-3651 ethereal OSPF Protocol Dissector Buffer Overflow Vulnerability
bugzilla·2006-01-04·CVSS 7.5
CVE-2005-3651 [HIGH] CVE-2005-3651 ethereal OSPF Protocol Dissector Buffer Overflow Vulnerability
CVE-2005-3651 ethereal OSPF Protocol Dissector Buffer Overflow Vulnerability
iDEFENSE discovered a buffer overflow vulnerability in Ethereal's OSPF protocol
dissector.
http://www.idefense.com/application/poi/display?id=349&type=vulnerabilities
This issue also affects RHEL2.1 and RHEL3
Discussion:
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
http://rhn.redhat.com/errata/RHSA-2006-0156.html
Bugzilla
CVE-2005-3651 ethereal OSPF Protocol Dissector Buffer Overflow Vulnerability
bugzilla·2006-01-04·CVSS 7.5
CVE-2005-3651 [HIGH] CVE-2005-3651 ethereal OSPF Protocol Dissector Buffer Overflow Vulnerability
CVE-2005-3651 ethereal OSPF Protocol Dissector Buffer Overflow Vulnerability
+++ This bug was initially created as a clone of Bug #176940 +++
iDEFENSE discovered a buffer overflow vulnerability in Ethereal's OSPF protocol
dissector.
http://www.idefense.com/application/poi/display?id=349&type=vulnerabilities
This issue also affects FC3
Discussion:
FC4 and FC3 updates were pushed out - ethereal-0.10.14
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-Uhttp://anonsvn.ethereal.com/viewcvs/viewcvs.py/trunk/epan/dissectors/packet-ospf.chttp://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.htmlhttp://secunia.com/advisories/17973http://secunia.com/advisories/18012http://secunia.com/advisories/18062http://secunia.com/advisories/18331http://secunia.com/advisories/18426http://secunia.com/advisories/18911http://secunia.com/advisories/19012http://secunia.com/advisories/19230http://securityreason.com/securityalert/247http://securitytracker.com/id?1015337http://www.debian.org/security/2005/dsa-920http://www.ethereal.com/appnotes/enpa-sa-00022.htmlhttp://www.gentoo.org/security/en/glsa/glsa-200512-06.xmlhttp://www.idefense.com/application/poi/display?id=349&type=vulnerabilitieshttp://www.mandriva.com/security/advisories?name=MDKSA-2005:227http://www.mandriva.com/security/advisories?name=MDKSA-2006:002http://www.redhat.com/support/errata/RHSA-2006-0156.htmlhttp://www.securityfocus.com/bid/15794http://www.vupen.com/english/advisories/2005/2830https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11286ftp://patches.sgi.com/support/free/security/advisories/20060201-01-Uhttp://anonsvn.ethereal.com/viewcvs/viewcvs.py/trunk/epan/dissectors/packet-ospf.chttp://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.htmlhttp://secunia.com/advisories/17973http://secunia.com/advisories/18012http://secunia.com/advisories/18062http://secunia.com/advisories/18331http://secunia.com/advisories/18426http://secunia.com/advisories/18911http://secunia.com/advisories/19012http://secunia.com/advisories/19230http://securityreason.com/securityalert/247http://securitytracker.com/id?1015337http://www.debian.org/security/2005/dsa-920http://www.ethereal.com/appnotes/enpa-sa-00022.htmlhttp://www.gentoo.org/security/en/glsa/glsa-200512-06.xmlhttp://www.idefense.com/application/poi/display?id=349&type=vulnerabilitieshttp://www.mandriva.com/security/advisories?name=MDKSA-2005:227http://www.mandriva.com/security/advisories?name=MDKSA-2006:002http://www.redhat.com/support/errata/RHSA-2006-0156.htmlhttp://www.securityfocus.com/bid/15794http://www.vupen.com/english/advisories/2005/2830https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11286
2005-12-10
Published