CyberSec.Space Logo
返回 CVE 浏览器

CVE-2003-0432

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0140%
EPSS Percentile4.90th
Published2003年7月24日
Last Modified2026年4月16日

Vulnerability Description

Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS, (4) 802.11, (5) ISAKMP, (6) WSP, (7) CLNP, (8) ISIS, and (9) RMI dissectors.

Affected Platforms (CPE)

📦
Ethereal Group

Ethereal

<= 0.9.12

References & Advisories

🔗 ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-030.0.txt
🔗 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000662
🔗 http://secunia.com/advisories/9007
🔗 http://www.debian.org/security/2003/dsa-324
🔗 http://www.ethereal.com/appnotes/enpa-sa-00010.html
🔗 http://www.redhat.com/support/errata/RHSA-2003-077.html
🔗 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A106
🔗 ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-030.0.txt

相关漏洞威胁

CVE-2004-050710.0

Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possi...

CVE-2005-318410.0

Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Eth...

CVE-2003-043110.0

The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown con...

CVE-2006-193210.0

Off-by-one error in the OID printing routine in Ethereal 0.10.x up to 0.10.14 has unknown impact and remote attack vectors.