Ethereal Group Ethereal — known CVE vulnerabilities
Every CVE whose affected-product data names Ethereal Group Ethereal, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (105)
CVE-2006-3632 — CVSS 10.0 (critical): Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute…
CVE-2003-0431 — CVSS 10.0 (critical): The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences.
CVE-2006-3628 — CVSS 10.0 (critical): Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and…
CVE-2004-0507 — CVSS 10.0 (critical): Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly…
CVE-2005-3184 — CVSS 10.0 (critical): Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal…
CVE-2003-0432 — CVSS 10.0 (critical): Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS, (4)…
CVE-2006-1932 — CVSS 10.0 (critical): Off-by-one error in the OID printing routine in Ethereal 0.10.x up to 0.10.14 has unknown impact and remote attack vectors.
CVE-2007-6118 — CVSS 7.8 (high): The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and…
CVE-2005-4585 — CVSS 7.8 (high): Unspecified vulnerability in the GTP dissector for Ethereal 0.9.1 to 0.10.13 allows remote attackers to cause a denial of service (infinite…
CVE-2006-3629 — CVSS 7.8 (high): Unspecified vulnerability in the MOUNT dissector in Wireshark (aka Ethereal) 0.9.4 to 0.99.0 allows remote attackers to cause a denial of…
CVE-2005-1463 — CVSS 7.5 (high): Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A dissectors in Ethereal before 0.10.11 may allow remote attackers to…
CVE-2000-1174 — CVSS 7.5 (high): Multiple buffer overflows in AFS ACL parser for Ethereal 0.8.13 and earlier allows remote attackers to execute arbitrary commands via a…
CVE-2005-3651 — CVSS 7.5 (high): Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly…
CVE-2002-1356 — CVSS 7.5 (high): Ethereal 0.9.7 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed…
CVE-2003-0081 — CVSS 7.5 (high): Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute…
CVE-2003-0159 — CVSS 7.5 (high): Heap-based buffer overflow in the NTLMSSP code for Ethereal 0.9.9 and earlier allows remote attackers to cause a denial of service and…
CVE-2003-0357 — CVSS 7.5 (high): Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly…
CVE-2005-0084 — CVSS 7.5 (high): Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 allows remote attackers to execute arbitrary code via a crafted…
CVE-2005-0699 — CVSS 7.5 (high): Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and…
CVE-2005-0704 — CVSS 7.5 (high): Buffer overflow in the Etheric dissector in Ethereal 0.10.7 through 0.10.9 allows remote attackers to cause a denial of service…
CVE-2002-0402 — CVSS 7.5 (high): Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly…
CVE-2002-0821 — CVSS 7.5 (high): Buffer overflows in Ethereal 0.9.4 and earlier allow remote attackers to cause a denial of service or execute arbitrary code via (1) the…
CVE-2005-2367 — CVSS 7.5 (high): Format string vulnerability in the proto_item_set_text function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows…
CVE-2003-0925 — CVSS 7.5 (high): Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via…
CVE-2002-0822 — CVSS 7.5 (high): Ethereal 0.9.4 and earlier allows remote attackers to cause a denial of service and possibly excecute arbitrary code via the (1) SOCKS, (2)…
CVE-2005-3243 — CVSS 7.5 (high): Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the…
CVE-2003-0927 — CVSS 7.5 (high): Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute…
CVE-2002-0834 — CVSS 7.5 (high): Buffer overflow in the ISIS dissector for Ethereal 0.9.5 and earlier allows remote attackers to cause a denial of service or execute…
CVE-2005-1462 — CVSS 7.5 (high): Double free vulnerability in the ICEP dissector in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.
CVE-2003-0429 — CVSS 7.5 (high): The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code…
CVE-1999-1227 — CVSS 7.2 (high): Ethereal allows local users to overwrite arbitrary files via a symlink attack on the packet capture file.
CVE-2007-6111 — CVSS 7.1 (high): Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a…
CVE-2005-3249 — CVSS 6.4 (medium): Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to 0.10.12 allows remote attackers to cause a denial of service or…
CVE-2005-1456 — CVSS 5.0 (medium): Multiple unknown vulnerabilities in the (1) DHCP and (2) Telnet dissectors in Ethereal before 0.10.11 allow remote attackers to cause a…
CVE-2005-1457 — CVSS 5.0 (medium): Multiple unknown vulnerabilities in the (1) AIM, (2) LDAP, (3) FibreChannel, (4) GSM_MAP, (5) SRVLOC, and (6) NTLMSSP dissectors in…
CVE-2005-1458 — CVSS 5.0 (medium): Multiple unknown "other problems" in the KINK dissector in Ethereal before 0.10.11 have unknown impact and attack vectors.
CVE-2005-1460 — CVSS 5.0 (medium): Multiple unknown dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (assert error) via an invalid…
CVE-2005-1464 — CVSS 5.0 (medium): Multiple unknown vulnerabilities in the (1) KINK, (2) L2TP, (3) MGCP, (4) EIGRP, (5) DLSw, (6) MEGACO, (7) LMP, and (8) RSVP dissectors in…
CVE-2005-1465 — CVSS 5.0 (medium): Unknown vulnerability in the NCP dissector in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (long loop).
CVE-2005-1466 — CVSS 5.0 (medium): Unknown vulnerability in the DICOM dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (large memory…
CVE-2005-1467 — CVSS 5.0 (medium): Unknown vulnerability in the NDPS dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (memory…
CVE-2005-1468 — CVSS 5.0 (medium): Multiple unknown vulnerabilities in the (1) WSP, (2) Q.931, (3) H.245, (4) KINK, (5) MGCP, (6) RPC, (7) SMBMailslot, and (8) SMB NETLOGON…
CVE-2005-1469 — CVSS 5.0 (medium): Unknown vulnerability in the GSM dissector in Ethereal before 0.10.11 allows remote attackers to cause the dissector to access an invalid…
CVE-2005-1470 — CVSS 5.0 (medium): Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, (4) SMB, or (5) Bittorrent dissectors in Ethereal before 0.10.11…
CVE-2005-2360 — CVSS 5.0 (medium): Unknown vulnerability in the LDAP dissector in Ethereal 0.8.5 through 0.10.11 allows remote attackers to cause a denial of service (free…
CVE-2005-2361 — CVSS 5.0 (medium): Unknown vulnerability in the (1) AgentX dissector, (2) PER dissector, (3) DOCSIS dissector, (4) SCTP graphs, (5) HTTP dissector, (6)…
CVE-2005-2362 — CVSS 5.0 (medium): Unknown vulnerability several dissectors in Ethereal 0.9.0 through 0.10.11 allows remote attackers to cause a denial of service…
CVE-2005-2363 — CVSS 5.0 (medium): Unknown vulnerability in the (1) SMPP dissector, (2) 802.3 dissector, (3) DHCP, (4) MEGACO dissector, or (5) H1 dissector in Ethereal…
CVE-2005-2364 — CVSS 5.0 (medium): Unknown vulnerability in the (1) GIOP dissector, (2) WBXML, or (3) CAMEL dissector in Ethereal 0.8.20 through 0.10.11 allows remote…
CVE-2005-2365 — CVSS 5.0 (medium): Unknown vulnerability in the SMB dissector in Ethereal 0.9.0 through 0.10.11 allows remote attackers to cause a buffer overflow or a denial…
CVE-2005-2366 — CVSS 5.0 (medium): Unknown vulnerability in the BER dissector in Ethereal 0.10.11 allows remote attackers to cause a denial of service (abort or infinite…
CVE-2005-3241 — CVSS 5.0 (medium): Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote attackers to cause a denial of service (memory consumption) via…
CVE-2005-3242 — CVSS 5.0 (medium): Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (crash) via unknown vectors in (1) the IrDA dissector and…
CVE-2005-3244 — CVSS 5.0 (medium): The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
CVE-2005-3245 — CVSS 5.0 (medium): Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 to 0.10.12, when the "Dissect unknown RPC program numbers" option is…
CVE-2005-3246 — CVSS 5.0 (medium): Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (null dereference) via unknown vectors in the (1) SCSI…
CVE-2005-3247 — CVSS 5.0 (medium): The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
CVE-2005-3248 — CVSS 5.0 (medium): Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service…
CVE-2005-3313 — CVSS 5.0 (medium): The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers to cause a denial of service (infinite loop).
CVE-2006-1933 — CVSS 5.0 (medium): Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (large or…
CVE-2006-1934 — CVSS 5.0 (medium): Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash) and possibly execute…
CVE-2006-1936 — CVSS 5.0 (medium): Buffer overflow in Ethereal 0.8.5 up to 0.10.14 allows remote attackers to execute arbitrary code via the telnet dissector.
CVE-2006-1937 — CVSS 5.0 (medium): Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null…
CVE-2006-1938 — CVSS 5.0 (medium): Multiple unspecified vulnerabilities in Ethereal 0.8.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null…
CVE-2006-1939 — CVSS 5.0 (medium): Multiple unspecified vulnerabilities in Ethereal 0.9.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null…
CVE-2006-1940 — CVSS 5.0 (medium): Unspecified vulnerability in Ethereal 0.10.4 up to 0.10.14 allows remote attackers to cause a denial of service (abort) via the SNDCP…
CVE-2007-6120 — CVSS 5.0 (medium): The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite…
CVE-2007-6121 — CVSS 5.0 (medium): Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap…
CVE-2006-1935 — CVSS 5.0 (medium): Buffer overflow in Ethereal 0.9.15 up to 0.10.14 allows remote attackers to cause a denial of service (crash) and possibly execute…
CVE-2000-0333 — CVSS 5.0 (medium): tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump…
CVE-2002-0353 — CVSS 5.0 (medium): The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet…
CVE-2002-0403 — CVSS 5.0 (medium): DNS dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet that…
CVE-2002-0404 — CVSS 5.0 (medium): Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (memory consumption).
CVE-2002-1355 — CVSS 5.0 (medium): Multiple integer signedness errors in the BGP dissector in Ethereal 0.9.7 and earlier allow remote attackers to cause a denial of service…
CVE-2003-0428 — CVSS 5.0 (medium): Unknown vulnerability in the DCERPC (DCE/RPC) dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service…
CVE-2003-0430 — CVSS 5.0 (medium): The SPNEGO dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (crash) via an invalid ASN.1 value.
CVE-2003-0926 — CVSS 5.0 (medium): Ethereal 0.9.15 and earlier, and Tethereal, allows remote attackers to cause a denial of service (crash) via certain malformed (1) ISAKMP…
CVE-2003-1012 — CVSS 5.0 (medium): The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a…
CVE-2004-0176 — CVSS 5.0 (medium): Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary…
CVE-2004-0367 — CVSS 5.0 (medium): Ethereal 0.10.1 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a zero-length Presentation protocol selector.
CVE-2004-0504 — CVSS 5.0 (medium): Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash) via certain SIP messages between Hotsip servers and clients.
CVE-2004-0505 — CVSS 5.0 (medium): The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause a denial of service (assert error) via unknown attack vectors.
CVE-2004-0506 — CVSS 5.0 (medium): The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of service (crash) via unknown attack vectors…
CVE-2004-0633 — CVSS 5.0 (medium): The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer…
CVE-2004-0634 — CVSS 5.0 (medium): The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a…
CVE-2004-0635 — CVSS 5.0 (medium): The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1)…
CVE-2004-1139 — CVSS 5.0 (medium): Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service…
CVE-2004-1140 — CVSS 5.0 (medium): Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang) and possibly fill available disk…
CVE-2004-1141 — CVSS 5.0 (medium): The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows remote attackers to cause a denial of service (application crash) via a certain…
CVE-2004-1142 — CVSS 5.0 (medium): Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.
CVE-2004-1145 — CVSS 5.0 (medium): Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not…
CVE-2004-1761 — CVSS 5.0 (medium): Unknown vulnerability in Ethereal 0.8.13 to 0.10.2 allows attackers to cause a denial of service (segmentation fault) via a malformed color…
CVE-2005-0006 — CVSS 5.0 (medium): The COPS dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (infinite loop).
CVE-2005-0007 — CVSS 5.0 (medium): Unknown vulnerability in the DLSw dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service…
CVE-2005-0008 — CVSS 5.0 (medium): Unknown vulnerability in the DNP dissector in Ethereal 0.10.5 through 0.10.8 allows remote attackers to cause "memory corruption."
CVE-2005-0009 — CVSS 5.0 (medium): Unknown vulnerability in the Gnutella dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service…
CVE-2005-0010 — CVSS 5.0 (medium): Unknown vulnerability in the MMSE dissector in Ethereal 0.10.4 through 0.10.8 allows remote attackers to cause a denial of service by…
CVE-2005-0705 — CVSS 5.0 (medium): The GPRS-LLC dissector in Ethereal 0.10.7 through 0.10.9, with the "ignore cipher bit" option enabled. allows remote attackers to cause a…
CVE-2005-0739 — CVSS 5.0 (medium): The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could…
CVE-2005-0765 — CVSS 5.0 (medium): Unknown vulnerability in the JXTA dissector in Ethereal 0.10.9 allows remote attackers to cause a denial of service (application crash).
CVE-2005-0766 — CVSS 5.0 (medium): Unknown vulnerability in the sFlow dissector in Ethereal 0.9.14 through 0.10.9 allows remote attackers to cause a denial of service…
CVE-2005-1281 — CVSS 5.0 (medium): Ethereal 0.10.10 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4.
CVE-2010-1455 — CVSS 4.3 (medium): The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of…