CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2003-0431

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0200%
EPSS Percentile26.29th
Published2003年7月24日
Last Modified2026年4月16日

Vulnerability Description

The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences.

Affected Platforms (CPE)

📦
Ethereal Group

Ethereal

<= 0.9.12

References & Advisories

🔗 ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-030.0.txt
🔗 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000662
🔗 http://secunia.com/advisories/9007
🔗 http://www.debian.org/security/2003/dsa-324
🔗 http://www.ethereal.com/appnotes/enpa-sa-00010.html
🔗 http://www.redhat.com/support/errata/RHSA-2003-077.html
🔗 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A101
🔗 ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-030.0.txt

相關漏洞威脅

CVE-2004-050710.0

Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possi...

CVE-2005-318410.0

Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Eth...

CVE-2003-043210.0

Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS,...

CVE-2006-193210.0

Off-by-one error in the OID printing routine in Ethereal 0.10.x up to 0.10.14 has unknown impact and remote attack vectors.