Vulnerability CVE-2003-0081

Vulnerability Name:

CVE-2003-0081 (CCN-11497)

Assigned:

2003-03-08

Published:

2003-03-08

Updated:

2017-10-10

Summary:

Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-Other

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2003-0081

Source: CONECTIVA
Type: UNKNOWN
CLSA-2003:627

Source: CCN
Type: Conectiva Linux Security Announcement CLSA-2003:627
ethereal

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2003:051

Source: CCN
Type: RHSA-2003-076
Updated ethereal packages fix security vulnerabilities

Source: CCN
Type: RHSA-2003-077
ethereal security update

Source: FULLDISC
Type: UNKNOWN
20030308 Ethereal format string bug, yet still ethereal much better than windows

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-258

Source: DEBIAN
Type: DSA-258
ethereal -- format string vulnerability

Source: CCN
Type: Ethereal Web site
The Ethereal Network Analyzer

Source: CCN
Type: Ethereal Application Note enpa-sa-00008
SOCKS string format vulnerability in Ethereal 0.9.9

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.ethereal.com/appnotes/enpa-sa-00008.html

Source: CCN
Type: Georgi Guninski Security Advisory #60, 2003
Ethereal format string bug, yet still ethereal much better than windows

Source: MISC
Type: Exploit, Patch, Vendor Advisory
http://www.guninski.com/etherre.html

Source: GENTOO
Type: UNKNOWN
GLSA-200303-10

Source: CCN
Type: Gentoo Linux Security Announcement 200303-10
ethereal -- arbitrary code execution

Source: SUSE
Type: UNKNOWN
SuSE-SA:2003:019

Source: REDHAT
Type: UNKNOWN
RHSA-2003:076

Source: REDHAT
Type: UNKNOWN
RHSA-2003:077

Source: BID
Type: Patch, Vendor Advisory
7049

Source: CCN
Type: BID-7049
Ethereal SOCKS Dissector Format String Vulnerability

Source: XF
Type: UNKNOWN
ethereal-socks-format-string(11497)

Source: XF
Type: UNKNOWN
ethereal-socks-format-string(11497)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:54

Source: SUSE
Type: SUSE-SA:2003:019
ethereal: local privilege escalation

Vulnerable Configuration:

Configuration 1:

cpe:/a:ethereal_group:ethereal:0.8.18:*:*:*:*:*:*:*

OR cpe:/a:ethereal_group:ethereal:0.9.0:*:*:*:*:*:*:*

OR cpe:/a:ethereal_group:ethereal:0.9.1:*:*:*:*:*:*:*

OR cpe:/a:ethereal_group:ethereal:0.9.2:*:*:*:*:*:*:*

OR cpe:/a:ethereal_group:ethereal:0.9.3:*:*:*:*:*:*:*

OR cpe:/a:ethereal_group:ethereal:0.9.4:*:*:*:*:*:*:*

OR cpe:/a:ethereal_group:ethereal:0.9.5:*:*:*:*:*:*:*

OR cpe:/a:ethereal_group:ethereal:0.9.6:*:*:*:*:*:*:*

OR cpe:/a:ethereal_group:ethereal:0.9.7:*:*:*:*:*:*:*

OR cpe:/a:ethereal_group:ethereal:0.9.8:*:*:*:*:*:*:*

OR cpe:/a:ethereal_group:ethereal:0.9.9:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20030081	V	CVE-2003-0081	2015-11-16
oval:org.mitre.oval:def:54	V	Ethereal SOCKS String Format Vulnerability	2007-04-25
oval:org.debian:def:258	V	format string vulnerability	2003-03-10

BACK