CVE-2004-0635

Published: Dec 6, 2004Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.

Affected (37)

Products: Ethereal Group: Ethereal · Gentoo: Linux · Mandrakesoft: Mandrake Linux · +1 more

Show all products

Ethereal Group: Ethereal · Gentoo: Linux · Mandrakesoft: Mandrake Linux · Redhat: Enterprise Linux, Linux Advanced Workstation

1 product

1 product

1 product

2 products

Enterprise Linux

Linux Advanced Workstation

Configuration A

27 vulnerable

Vulnerable Software	Affected Versions
Ethereal Group Ethereal	Version 0.10.1
Ethereal Group Ethereal	Version 0.10.2
Ethereal Group Ethereal	Version 0.10.3
Ethereal Group Ethereal	Version 0.10.4
Ethereal Group Ethereal	Version 0.10
Ethereal Group Ethereal	Version 0.8.15
Ethereal Group Ethereal	Version 0.8.16
Ethereal Group Ethereal	Version 0.8.17
Ethereal Group Ethereal	Version 0.8.18
Ethereal Group Ethereal	Version 0.8.19
Ethereal Group Ethereal	Version 0.9.10
Ethereal Group Ethereal	Version 0.9.11
Ethereal Group Ethereal	Version 0.9.12
Ethereal Group Ethereal	Version 0.9.13
Ethereal Group Ethereal	Version 0.9.14
Ethereal Group Ethereal	Version 0.9.15
Ethereal Group Ethereal	Version 0.9.16
Ethereal Group Ethereal	Version 0.9.1
Ethereal Group Ethereal	Version 0.9.2
Ethereal Group Ethereal	Version 0.9.3
Ethereal Group Ethereal	Version 0.9.4
Ethereal Group Ethereal	Version 0.9.5
Ethereal Group Ethereal	Version 0.9.6
Ethereal Group Ethereal	Version 0.9.7
Ethereal Group Ethereal	Version 0.9.8
Ethereal Group Ethereal	Version 0.9.9
Ethereal Group Ethereal	Version 0.9

Configuration B

10 vulnerable

Vulnerable Software	Affected Versions
Gentoo Linux	All versions
Mandrakesoft Mandrake Linux	Version 10.0
Mandrakesoft Mandrake Linux	Version 9.2
Redhat Enterprise Linux	Version 2.1
Redhat Enterprise Linux	Version 2.1
Redhat Enterprise Linux	Version 2.1
Redhat Enterprise Linux	Version 3.0
Redhat Enterprise Linux	Version 3.0
Redhat Enterprise Linux	Version 3.0
Redhat Linux Advanced Workstation	Version 2.1

References (28)

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=127381

Source: cve@mitre.org

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916

Source: cve@mitre.org

http://secunia.com/advisories/12024

Source: cve@mitre.org

http://securitytracker.com/id?1010655

Source: cve@mitre.org

http://www.debian.org/security/2004/dsa-528

Source: cve@mitre.org

http://www.ethereal.com/appnotes/enpa-sa-00015.html

Source: cve@mitre.org

URL Repurposed

http://www.gentoo.org/security/en/glsa/glsa-200407-08.xml

Source: cve@mitre.org

PatchVendor Advisory

http://www.kb.cert.org/vuls/id/835846

Source: cve@mitre.org

US Government Resource

http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:067

Source: cve@mitre.org

PatchVendor Advisory

http://www.redhat.com/archives/fedora-announce-list/2004-July/msg00013.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.redhat.com/archives/fedora-announce-list/2004-July/msg00014.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2004-378.html

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/16632

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9721

Source: cve@mitre.org

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=127381

Source: af854a3a-2127-422b-91ae-364da2661108

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/12024

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1010655

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2004/dsa-528

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ethereal.com/appnotes/enpa-sa-00015.html

Source: af854a3a-2127-422b-91ae-364da2661108

URL Repurposed

http://www.gentoo.org/security/en/glsa/glsa-200407-08.xml

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.kb.cert.org/vuls/id/835846

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:067

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.redhat.com/archives/fedora-announce-list/2004-July/msg00013.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.redhat.com/archives/fedora-announce-list/2004-July/msg00014.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2004-378.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/16632

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9721

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.