CVE-2004-0634

Published: Dec 6, 2004Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.

Affected (12)

Products: Ethereal Group: Ethereal · Gentoo: Linux · Mandrakesoft: Mandrake Linux · +1 more

Show all products

Ethereal Group: Ethereal · Gentoo: Linux · Mandrakesoft: Mandrake Linux · Redhat: Enterprise Linux, Linux Advanced Workstation

1 product

1 product

1 product

2 products

Enterprise Linux

Linux Advanced Workstation

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Ethereal Group Ethereal	Version 0.10.4
Ethereal Group Ethereal	Version 0.9.15

Configuration B

10 vulnerable

Vulnerable Software	Affected Versions
Gentoo Linux	All versions
Mandrakesoft Mandrake Linux	Version 10.0
Mandrakesoft Mandrake Linux	Version 9.2
Redhat Enterprise Linux	Version 2.1
Redhat Enterprise Linux	Version 2.1
Redhat Enterprise Linux	Version 2.1
Redhat Enterprise Linux	Version 3.0
Redhat Enterprise Linux	Version 3.0
Redhat Enterprise Linux	Version 3.0
Redhat Linux Advanced Workstation	Version 2.1

References (26)

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=127381

Source: cve@mitre.org

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916

Source: cve@mitre.org

http://secunia.com/advisories/12024

Source: cve@mitre.org

http://securitytracker.com/id?1010655

Source: cve@mitre.org

http://www.ethereal.com/appnotes/enpa-sa-00015.html

Source: cve@mitre.org

URL Repurposed

http://www.gentoo.org/security/en/glsa/glsa-200407-08.xml

Source: cve@mitre.org

PatchVendor Advisory

http://www.kb.cert.org/vuls/id/518782

Source: cve@mitre.org

US Government Resource

http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:067

Source: cve@mitre.org

PatchVendor Advisory

http://www.redhat.com/archives/fedora-announce-list/2004-July/msg00013.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.redhat.com/archives/fedora-announce-list/2004-July/msg00014.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2004-378.html

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/16631

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10252

Source: cve@mitre.org

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=127381

Source: af854a3a-2127-422b-91ae-364da2661108

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/12024

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1010655

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ethereal.com/appnotes/enpa-sa-00015.html

Source: af854a3a-2127-422b-91ae-364da2661108

URL Repurposed

http://www.gentoo.org/security/en/glsa/glsa-200407-08.xml

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.kb.cert.org/vuls/id/518782

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:067

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.redhat.com/archives/fedora-announce-list/2004-July/msg00013.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.redhat.com/archives/fedora-announce-list/2004-July/msg00014.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2004-378.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/16631

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10252

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.