CyberSec.Space Logo
Back to CVE Browser

CVE-2004-0507

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1010%
EPSS Percentile17.40th
PublishedAug 18, 2004
Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code.

Affected Platforms (CPE)

πŸ“¦
Ethereal Group

Ethereal

= 0.10.1
πŸ“¦
Ethereal Group

Ethereal

= 0.10.2
πŸ“¦
Ethereal Group

Ethereal

= 0.10.3
πŸ“¦
Sgi

Propack

= 2.4
πŸ“¦
Sgi

Propack

= 3.0

References & Advisories

πŸ”— ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc
πŸ”— ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc
πŸ”— http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916
πŸ”— http://rhn.redhat.com/errata/RHSA-2004-234.html
πŸ”— http://secunia.com/advisories/11608
πŸ”— http://secunia.com/advisories/11776
πŸ”— http://secunia.com/advisories/11836
πŸ”— http://security.gentoo.org/glsa/glsa-200406-01.xml

Related Vulnerabilities

CVE-2003-043210.0

Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS,...

CVE-2005-318410.0

Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Eth...

CVE-2003-043110.0

The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown con...

CVE-2006-193210.0

Off-by-one error in the OID printing routine in Ethereal 0.10.x up to 0.10.14 has unknown impact and remote attack vectors.