CVE-2006-1939

6 documents5 sources
Severity
5.0MEDIUM
EPSS
3.2%
top 12.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Ethereal Group Ethereal
Timeline
PublishedApr 25
Latest updateMay 3

Description

Multiple unspecified vulnerabilities in Ethereal 0.9.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via (1) an invalid display filter, or the (2) GSM SMS, (3) ASN.1-based, (4) DCERPC NT, (5) PER, (6) RPC, (7) DCERPC, and (8) ASN.1 dissectors.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDethereal_group/ethereal35 versions+34

Patches

Patch: www.ethereal.comPatch: www.ethereal.com

🔴Vulnerability Details

2
GHSA
GHSA-j74p-5vhc-j95m: Multiple unspecified vulnerabilities in Ethereal 02022-05-03
CVEList
CVE-2006-1939: Multiple unspecified vulnerabilities in Ethereal 02006-04-25

📋Vendor Advisories

1
Red Hat
security flaw2006-04-24

💬Community

2
Bugzilla
CVE-2006-1939 security flaw2018-08-16
Bugzilla
CVE-2006-1932 Multiple ethereal issues (CVE-2006-1933, CVE-2006-1934, CVE-2006-1935, CVE-2006-1936, CVE-2006-1937, CVE-2006-1938, CVE-2006-1939, CVE-2006-1940, VE-2006-4805, CVE-2006-5468, CVE-2006-542006-05-12