发布时间 :2005-05-02 00:00:00
修订时间 :2010-08-21 00:25:21

[原文]Unknown vulnerability in the DNP dissector in Ethereal 0.10.5 through 0.10.8 allows remote attackers to cause "memory corruption."


        Ethereal 0.10.5至0.10.8的DNP解析器中存在未知漏洞,允许远程攻击者引起"内存损坏"攻击。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10689Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.

- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  XF  ethereal-dnp-memory-corruption(19001)
(UNKNOWN)  BID  12326
(UNKNOWN)  FEDORA  FLSA-2006:152922

- 漏洞信息

中危 资料不足
2005-05-02 00:00:00 2005-10-20 00:00:00
        Ethereal 0.10.5至0.10.8的DNP解析器中存在未知漏洞,允许远程攻击者引起"内存损坏"攻击。

- 公告与补丁

        Ethereal Group Ethereal 0.10
        Ethereal Group Ethereal 0.10.9
        Ethereal Group Ethereal 0.10.1
        Ethereal Group Ethereal 0.10.9
        Ethereal Group Ethereal 0.10.2
        Ethereal Group Ethereal 0.10.9
        Ethereal Group Ethereal 0.10.3
        Ethereal Group Ethereal 0.10.9
        Fedora ethereal-0.10.9-1.FC2.1.i386.rpm
        RedHat Fedora Core 2
        Fedora ethereal-0.10.9-1.FC2.1.x86_64.rpm
        RedHat Fedora Core 2
        Fedora ethereal-debuginfo-0.10.9-1.FC2.1.i386.rpm
        RedHat Fedora Core 2
        Fedora ethereal-debuginfo-0.10.9-1.FC2.1.x86_64.rpm
        RedHat Fedora Core 2
        Fedora ethereal-gnome-0.10.9-1.FC2.1.i386.rpm
        RedHat Fedora Core 2
        Fedora ethereal-gnome-0.10.9-1.FC2.1.x86_64.rpm
        RedHat Fedora Core 2
        Fedora Legacy ethereal-0.10.13-1.FC2.2.legacy.i386.rpm
        Fedora Core 2: 3-1.FC2.2.legacy.i386.rpm
        Fedora Legacy ethereal-gnome-0.10.13-1.FC2.2.legacy.i386.rpm
        Fedora Core 2: 0.10.13-1.FC2.2.legacy.i386.rpm
        Mandrake ethereal-0.10.9-0.1.100mdk.amd64.rpm
        Mandrake Linux 10.0/AMD64
        Mandrake ethereal-0.10.9-0.1.100mdk.i586.rpm
        Mandrake Linux 10.0
        SuSE ethereal-0.10.3-15.12.i586.rpm 5.12.i586.rpm
        SuSE ethereal-0.10.3-15.12.x86_64.rpm .3-15.12.x86_64.rpm
        Ethereal Group Ethereal 0.10.4
        Ethereal Group Ethereal 0.10.9
        Ethereal Group Ethereal 0.10.5
        Ethereal Group Ethereal 0.10.9
        Ethereal Group Ethereal 0.10.6
        Ethereal Group Ethereal 0.10.9
        Fedora ethereal-0.10.9-1.FC3.1.i386.rpm
        RedHat Fedora Core 3
        Fedora ethereal-0.10.9-1.FC3.1.x86_64.rpm
        RedHat Fedora Core 3
        Fedora ethereal-debuginfo-0.10.9-1.FC3.1.i386.rpm
        RedHat Fedora Core 3
        Fedora ethereal-debuginfo-0.10.9-1.FC3.1.x86_64.rpm
        RedHat Fedora Core 3
        Fedora ethereal-gnome-0.10.9-1.FC3.1.i386.rpm
        RedHat Fedora Core 3
        Fedora ethereal-gnome-0.10.9-1.FC3.1.x86_64.rpm
        RedHat Fedora Core 3
        Mandrake ethereal-0.10.9-0.1.101mdk.i586.rpm
        Mandrake Linux 10.1
        Mandrake ethereal-0.10.9-0.1.101mdk.x86_64.rpm
        Mandrake Linux 10.1/x86_64
        Mandrake ethereal-tools-0.10.9-0.1.101mdk.i586.rpm
        Mandrake Linux 10.1
        Mandrake ethereal-tools-0.10.9-0.1.101mdk.x86_64.rpm
        Mandrake Linux 10.1/x86_64
        Mandrake lib64ethereal0-0.10.9-0.1.101mdk.x86_64.rpm
        Mandrake Linux 10.1/x86_64
        Mandrake libethereal0-0.10.9-0.1.101mdk.i586.rpm
        Mandrake Linux 10.1
        Mandrake tethereal-0.10.9-0.1.101mdk.i586.rpm
        Mandrake Linux 10.1
        Mandrake tethereal-0.10.9-0.1.101mdk.x86_64.rp

- 漏洞信息 (F35836)

ethereal-0.10.9.tar.gz (PacketStormID:F35836)
2005-01-22 00:00:00
Gerald Combs

Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here.

- 漏洞信息

Ethereal DNP Dissector Memory Corruption DoS
Remote / Network Access Denial of Service, Input Manipulation
Loss of Integrity, Loss of Availability
Exploit Unknown Vendor Verified

- 漏洞描述

Ethereal contains a memory corruption flaw related to the DNP dissector that may allow an attacker to cause a denial of service. No further details have been provided.

- 时间线

2005-01-20 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 0.10.9 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete