CVE Vulnerabilities

CVE-2004-0365

Published: May 04, 2004 | Modified: Oct 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The dissect_attribute_value_pairs function in packet-radius.c for Ethereal 0.8.13 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a malformed RADIUS packet that triggers a null dereference.

Affected Software

Name Vendor Start Version End Version
Ethereal Ethereal_group 0.8.13 0.8.13
Ethereal Ethereal_group 0.8.14 0.8.14
Ethereal Ethereal_group 0.8.18 0.8.18
Ethereal Ethereal_group 0.8.19 0.8.19
Ethereal Ethereal_group 0.9 0.9
Ethereal Ethereal_group 0.9.1 0.9.1
Ethereal Ethereal_group 0.9.2 0.9.2
Ethereal Ethereal_group 0.9.3 0.9.3
Ethereal Ethereal_group 0.9.4 0.9.4
Ethereal Ethereal_group 0.9.5 0.9.5
Ethereal Ethereal_group 0.9.6 0.9.6
Ethereal Ethereal_group 0.9.7 0.9.7
Ethereal Ethereal_group 0.9.8 0.9.8
Ethereal Ethereal_group 0.9.9 0.9.9
Ethereal Ethereal_group 0.9.10 0.9.10
Ethereal Ethereal_group 0.9.11 0.9.11
Ethereal Ethereal_group 0.9.12 0.9.12
Ethereal Ethereal_group 0.9.13 0.9.13
Ethereal Ethereal_group 0.9.14 0.9.14
Ethereal Ethereal_group 0.9.15 0.9.15
Ethereal Ethereal_group 0.9.16 0.9.16
Ethereal Ethereal_group 0.10 0.10
Ethereal Ethereal_group 0.10.1 0.10.1
Ethereal Ethereal_group 0.10.2 0.10.2
Red Hat Enterprise Linux 3 RedHat ethereal-0:0.10.3-0.30E.1 *
Red Hat Linux 9 RedHat ethereal *

References