Description
Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors.
Product(s):
- Ethereal Group Ethereal 0.10.1
- Ethereal Group Ethereal 0.10.2
- Ethereal Group Ethereal 0.10
- Ethereal Group Ethereal 0.8.13
- Ethereal Group Ethereal 0.8.14
- Ethereal Group Ethereal 0.8.18
- Ethereal Group Ethereal 0.8.19
- Ethereal Group Ethereal 0.9.10
- Ethereal Group Ethereal 0.9.11
- Ethereal Group Ethereal 0.9.12
- Ethereal Group Ethereal 0.9.13
- Ethereal Group Ethereal 0.9.14
- Ethereal Group Ethereal 0.9.15
- Ethereal Group Ethereal 0.9.16
- Ethereal Group Ethereal 0.9.1
- Ethereal Group Ethereal 0.9.2
- Ethereal Group Ethereal 0.9.3
- Ethereal Group Ethereal 0.9.4
- Ethereal Group Ethereal 0.9.5
- Ethereal Group Ethereal 0.9.6
- Ethereal Group Ethereal 0.9.7
- Ethereal Group Ethereal 0.9.8
- Ethereal Group Ethereal 0.9.9
- Ethereal Group Ethereal 0.9
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2004-0176, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2004-0176 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.