CVE-2004-0365 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2004-0365
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2004-0365

Description: The dissect_attribute_value_pairs function in packet-radius.c for Ethereal 0.8.13 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a malformed RADIUS packet that triggers a null dereference.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/15571 SAID Secunia Advisory: SA11185 REDHAT http://www.redhat.com/support/errata/RHSA-2004-136.html http://www.redhat.com/support/errata/RHSA-2004-137.html OVAL http://oval.mitre.org/oval/definitions/data/oval879.html http://oval.mitre.org/oval/definitions/data/oval891.html MLIST http://marc.theaimsgroup.com/?l=ethereal-dev&m=107962966700423&w=2 MANDRAKE http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:024 GENTOO http://security.gentoo.org/glsa/glsa-200403-07.xml CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00013.html CONECTIVA http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000835 CERT-VN 124454 BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=108213710306260&w=2 http://marc.theaimsgroup.com/?l=bugtraq&m=108058005324316&w=2

Return to the previous page.