CyberSec.Space Logo
CVEブラウザに戻る

CVE-2004-0507

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1010%
EPSS Percentile17.40th
Published2004年8月18日
Last Modified2026年4月16日

Vulnerability Description

Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code.

Affected Platforms (CPE)

📦
Ethereal Group

Ethereal

= 0.10.1
📦
Ethereal Group

Ethereal

= 0.10.2
📦
Ethereal Group

Ethereal

= 0.10.3
📦
Sgi

Propack

= 2.4
📦
Sgi

Propack

= 3.0

References & Advisories

🔗 ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc
🔗 ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc
🔗 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916
🔗 http://rhn.redhat.com/errata/RHSA-2004-234.html
🔗 http://secunia.com/advisories/11608
🔗 http://secunia.com/advisories/11776
🔗 http://secunia.com/advisories/11836
🔗 http://security.gentoo.org/glsa/glsa-200406-01.xml

関連する脆弱性情報

CVE-2003-043210.0

Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS,...

CVE-2005-318410.0

Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Eth...

CVE-2003-043110.0

The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown con...

CVE-2006-193210.0

Off-by-one error in the OID printing routine in Ethereal 0.10.x up to 0.10.14 has unknown impact and remote attack vectors.