CVE-2005-0699

Severity

75%

Complexity

99%

Confidentiality

106%

Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.

Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

First reported 19 years ago

2005-03-08 05:00:00

Last updated 7 years ago

2017-10-11 01:29:00

Affected Software

Conectiva Linux 9.0

9.0

Conectiva Linux 10.0

10.0

Red Hat Desktop 3.0

3.0

Red Hat Desktop 4.0

4.0

References

20050309 RE: Ethereal remote buffer overflow - addon

20050314 Ethereal 0.10.9 and below remote root exploit

GLSA-200503-16

Patch, Vendor Advisory

http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-03-04

http://www.ethereal.com/appnotes/enpa-sa-00018.html

Exploit, Patch, Vendor Advisory

MDKSA-2005:053

FLSA-2006:152922

RHSA-2005:306

Patch, Vendor Advisory

20050308 Ethereal remote buffer overflow

Exploit, Vendor Advisory

12759

Exploit, Patch, Vendor Advisory

oval:org.mitre.oval:def:10147

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.