CVE-2003-0432

Published: Jul 24, 2003Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS, (4) 802.11, (5) ISAKMP, (6) WSP, (7) CLNP, (8) ISIS, and (9) RMI dissectors.

Affected (1)

Products: Ethereal Group: Ethereal

Ethereal Group

1 product

Ethereal

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ethereal Group Ethereal	Up to 0.9.12

References (14)

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-030.0.txt (unsafe URL)

Source: cve@mitre.org

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000662

Source: cve@mitre.org

http://secunia.com/advisories/9007

Source: cve@mitre.org

http://www.debian.org/security/2003/dsa-324

Source: cve@mitre.org

PatchVendor Advisory

http://www.ethereal.com/appnotes/enpa-sa-00010.html

Source: cve@mitre.org

PatchVendor AdvisoryURL Repurposed

http://www.redhat.com/support/errata/RHSA-2003-077.html

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A106

Source: cve@mitre.org

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-030.0.txt (unsafe URL)