CVE Reference: CVE-2005-0739

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia nor the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-0739

Description: The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the dissect_pdus and pduval_to_str functions.

CVE Status: Candidate

References:
REDHAT http://www.redhat.com/support/errata/RHSA-2005-306.html
OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9687
MISC http://anonsvn.ethereal.com/viewcvs/viewcvs.py?view=rev&rev=13707 http://security.lss.hr/index.php?page=details&ID=LSS-2005-03-05
MANDRAKE http://www.mandriva.com/security/advisories?name=MDKSA-2005:053
GENTOO http://www.gentoo.org/security/en/glsa/glsa-200503-16.xml
FEDORA http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html
DEBIAN http://www.debian.org/security/2005/dsa-718
CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00018.html
BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=111066805726551&w=2
BID 12762