Vulnerability Name:

CVE-2005-2367 (CCN-21624)

Assigned:2005-07-26
Published:2005-07-26
Updated:2017-10-11
Summary:Format string vulnerability in the proto_item_set_text function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2005-2367

Source: CCN
Type: Conectiva Linux Security Announcement CLSA-2005:1003
Fixes for multiple security vulnerabilities in ethereal

Source: CCN
Type: RHSA-2005-687
ethereal security update

Source: CCN
Type: SA16225
Ethereal Multiple Protocol Dissector and zlib Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
16225

Source: SECUNIA
Type: UNKNOWN
17102

Source: CCN
Type: CIAC INFORMATION BULLETIN P-260
Ethereal 0.10.12 Released

Source: DEBIAN
Type: UNKNOWN
DSA-853

Source: DEBIAN
Type: DSA-853
ethereal -- several vulnerabilities

Source: CCN
Type: Ethereal, a network protocol analyzer
Ethereal- The world's most popular network protocol analyzer

Source: CCN
Type: Ethereal Security Advisory #enpa-sa-00020
Multiple problems in Ethereal versions 0.8.5 to 0.10.10

Source: CONFIRM
Type: Patch
http://www.ethereal.com/appnotes/enpa-sa-00020.html

Source: CCN
Type: Ethereal- Download
Ethereal Download page

Source: CCN
Type: GLSA-200507-27
Ethereal: Multiple vulnerabilities

Source: GENTOO
Type: Patch
GLSA-200507-27

Source: IDEFENSE
Type: Vendor Advisory
20050805 Multiple Vendor Ethereal AFP Protocol Dissector Format String Vulnerability

Source: CCN
Type: iDEFENSE Security Advisory 08.05.05
Multiple Vendor Ethereal AFP Protocol Dissector Format String Vulnerability

Source: MANDRAKE
Type: Patch, Vendor Advisory
MDKSA-2005:131

Source: SUSE
Type: UNKNOWN
SUSE-SR:2005:018

Source: SUSE
Type: UNKNOWN
SUSE-SR:2005:019

Source: FEDORA
Type: UNKNOWN
FLSA-2006:152922

Source: REDHAT
Type: UNKNOWN
RHSA-2005:687

Source: BID
Type: UNKNOWN
14399

Source: CCN
Type: BID-14399
Ethereal Multiple Protocol Dissector Vulnerabilities

Source: XF
Type: UNKNOWN
ethereal-dissectors-format-string(21624)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10765

Source: SUSE
Type: SUSE-SR:2005:018
SUSE Security Summary Report

Source: SUSE
Type: SUSE-SR:2005:019
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:ethereal_group:ethereal:0.9.4:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.9.5:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.9.6:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.9.7:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.9.8:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.9.9:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.9.10:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.9.11:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.9.12:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.9.13:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.9.14:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.9.15:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.9.16:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.10.0:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.10.1:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.10.2:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.10.3:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.10.4:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.10.5:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.10.6:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.10.7:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.10.8:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.10.9:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.10.10:*:*:*:*:*:*:*
  • OR cpe:/a:ethereal_group:ethereal:0.10.11:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:gnu:zlib:1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:zlib:1.2.1:*:*:*:*:*:*:*
  • AND
  • cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1::x86-64:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20052367
    V
    		CVE-2005-2367
    2015-11-16
    oval:org.mitre.oval:def:10765
    V
    		Format string vulnerability in the proto_item_set_text function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet.
    2013-04-29
    oval:org.debian:def:853
    V
    		several vulnerabilities
    2005-10-09
    oval:com.redhat.rhsa:def:20050687
    P
    		RHSA-2005:687: ethereal security update (Moderate)
    2005-08-10
    BACK
    ethereal_group ethereal 0.9.4
    ethereal_group ethereal 0.9.5
    ethereal_group ethereal 0.9.6
    ethereal_group ethereal 0.9.7
    ethereal_group ethereal 0.9.8
    ethereal_group ethereal 0.9.9
    ethereal_group ethereal 0.9.10
    ethereal_group ethereal 0.9.11
    ethereal_group ethereal 0.9.12
    ethereal_group ethereal 0.9.13
    ethereal_group ethereal 0.9.14
    ethereal_group ethereal 0.9.15
    ethereal_group ethereal 0.9.16
    ethereal_group ethereal 0.10.0
    ethereal_group ethereal 0.10.1
    ethereal_group ethereal 0.10.2
    ethereal_group ethereal 0.10.3
    ethereal_group ethereal 0.10.4
    ethereal_group ethereal 0.10.5
    ethereal_group ethereal 0.10.6
    ethereal_group ethereal 0.10.7
    ethereal_group ethereal 0.10.8
    ethereal_group ethereal 0.10.9
    ethereal_group ethereal 0.10.10
    ethereal_group ethereal 0.10.11
    gnu zlib 1.2.2
    gnu zlib 1.2.1
    debian debian linux 3.0
    gentoo linux *
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    mandrakesoft mandrake linux 10.1
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    debian debian linux 3.1
    redhat linux advanced workstation 2.1
    mandrakesoft mandrake linux 10.1