CVE-2005-3243

Sažetak

Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector.

Reference

http://secunia.com/advisories/17254
http://secunia.com/advisories/17286
http://secunia.com/advisories/17327
http://secunia.com/advisories/17377
http://secunia.com/advisories/17392
http://secunia.com/advisories/17480
http://secunia.com/advisories/21813
http://securitytracker.com/id?1015082
http://www.debian.org/security/2006/dsa-1171
http://www.ethereal.com/appnotes/enpa-sa-00021.html
http://www.frsirt.com/exploits/20051020.ethereal_slimp3_bof.py.php
http://www.gentoo.org/security/en/glsa/glsa-200510-25.xml
http://www.novell.com/linux/security/advisories/2005_25_sr.html
http://www.osvdb.org/20126
http://www.osvdb.org/20135
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html
http://www.redhat.com/support/errata/RHSA-2005-809.html
http://www.securityfocus.com/bid/15148
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9836

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

11-10-2017 - 01:30

Objavljeno

27-10-2005 - 10:02