CVE-2006-1934
published 2006-04-25CVE-2006-1934: Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via…
PriorityP426medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
5.03%
91.2th percentile
Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the (1) ALCAP dissector, (2) Network Instruments file code, or (3) NetXray/Windows Sniffer file code.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-q4cm-p57g-9hfg: Multiple buffer overflows in Ethereal 0
ghsa_unreviewed·2022-05-03
CVE-2006-1934 [MEDIUM] GHSA-q4cm-p57g-9hfg: Multiple buffer overflows in Ethereal 0
Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the (1) ALCAP dissector, (2) Network Instruments file code, or (3) NetXray/Windows Sniffer file code.
Red Hat
security flaw
vendor_redhat·2006-04-24·CVSS 5.0
CVE-2006-1934 [MEDIUM] security flaw
security flaw
Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the (1) ALCAP dissector, (2) Network Instruments file code, or (3) NetXray/Windows Sniffer file code.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2006-1934 security flaw
bugzilla·2018-08-16·CVSS 5.0
CVE-2006-1934 [MEDIUM] CVE-2006-1934 security flaw
CVE-2006-1934 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the (1) ALCAP dissector, (2) Network Instruments file code, or (3) NetXray/Windows Sniffer file code.
Bugzilla
CVE-2006-1932 Multiple ethereal issues (CVE-2006-1933, CVE-2006-1934, CVE-2006-1935, CVE-2006-1936, CVE-2006-1937, CVE-2006-1938, CVE-2006-1939, CVE-2006-1940, VE-2006-4805, CVE-2006-5468, CVE-2006-54
bugzilla·2006-05-12·CVSS 10.0
CVE-2006-1932 [CRITICAL] CVE-2006-1932 Multiple ethereal issues (CVE-2006-1933, CVE-2006-1934, CVE-2006-1935, CVE-2006-1936, CVE-2006-1937, CVE-2006-1938, CVE-2006-1939, CVE-2006-1940, VE-2006-4805, CVE-2006-5468, CVE-2006-54
CVE-2006-1932 Multiple ethereal issues (CVE-2006-1933, CVE-2006-1934, CVE-2006-1935, CVE-2006-1936, CVE-2006-1937, CVE-2006-1938, CVE-2006-1939, CVE-2006-1940, VE-2006-4805, CVE-2006-5468, CVE-2006-5469, CVE-2006-5740, CVE-2006-4574)
+++ This bug was initially created as a clone of Bug #189906 +++
Ethereal 0.99.0 has been released which fixes multiple issues. The release
information can be found here:
http://www.ethereal.com/appnotes/enpa-sa-00023.html
These issues should also affect RHEL2 and RHEL3
-- Additional comment from [email protected] on 2006-05-03 12:28 EST --
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the
ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.aschttp://lists.suse.com/archive/suse-security-announce/2006-May/0004.htmlhttp://secunia.com/advisories/19769http://secunia.com/advisories/19805http://secunia.com/advisories/19828http://secunia.com/advisories/19839http://secunia.com/advisories/19958http://secunia.com/advisories/19962http://secunia.com/advisories/20117http://secunia.com/advisories/20210http://secunia.com/advisories/20944http://securitytracker.com/id?1015985http://support.avaya.com/elmodocs2/security/ASA-2006-128.htmhttp://www.debian.org/security/2006/dsa-1049http://www.ethereal.com/appnotes/enpa-sa-00023.htmlhttp://www.gentoo.org/security/en/glsa/glsa-200604-17.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:077http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00194.htmlhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00195.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0420.htmlhttp://www.securityfocus.com/bid/17682http://www.vupen.com/english/advisories/2006/1501https://exchange.xforce.ibmcloud.com/vulnerabilities/26014https://exchange.xforce.ibmcloud.com/vulnerabilities/26026https://exchange.xforce.ibmcloud.com/vulnerabilities/26027https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10445ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.aschttp://lists.suse.com/archive/suse-security-announce/2006-May/0004.htmlhttp://secunia.com/advisories/19769http://secunia.com/advisories/19805http://secunia.com/advisories/19828http://secunia.com/advisories/19839http://secunia.com/advisories/19958http://secunia.com/advisories/19962http://secunia.com/advisories/20117http://secunia.com/advisories/20210http://secunia.com/advisories/20944http://securitytracker.com/id?1015985http://support.avaya.com/elmodocs2/security/ASA-2006-128.htmhttp://www.debian.org/security/2006/dsa-1049http://www.ethereal.com/appnotes/enpa-sa-00023.htmlhttp://www.gentoo.org/security/en/glsa/glsa-200604-17.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:077http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00194.htmlhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00195.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0420.htmlhttp://www.securityfocus.com/bid/17682http://www.vupen.com/english/advisories/2006/1501https://exchange.xforce.ibmcloud.com/vulnerabilities/26014https://exchange.xforce.ibmcloud.com/vulnerabilities/26026https://exchange.xforce.ibmcloud.com/vulnerabilities/26027https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10445
2006-04-25
Published