Description
Multiple unknown dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (assert error) via an invalid protocol tree item length.
Product(s):
- Ethereal Group Ethereal 0.10.10
- Ethereal Group Ethereal 0.10.1
- Ethereal Group Ethereal 0.10.2
- Ethereal Group Ethereal 0.10.3
- Ethereal Group Ethereal 0.10.4
- Ethereal Group Ethereal 0.10.5
- Ethereal Group Ethereal 0.10.6
- Ethereal Group Ethereal 0.10.7
- Ethereal Group Ethereal 0.10.8
- Ethereal Group Ethereal 0.10.9
- Ethereal Group Ethereal 0.10
- Ethereal Group Ethereal 0.8.13
- Ethereal Group Ethereal 0.8.14
- Ethereal Group Ethereal 0.8.15
- Ethereal Group Ethereal 0.8.18
- Ethereal Group Ethereal 0.8.19
- Ethereal Group Ethereal 0.8
- Ethereal Group Ethereal 0.9.10
- Ethereal Group Ethereal 0.9.11
- Ethereal Group Ethereal 0.9.12
- Ethereal Group Ethereal 0.9.13
- Ethereal Group Ethereal 0.9.14
- Ethereal Group Ethereal 0.9.15
- Ethereal Group Ethereal 0.9.16
- Ethereal Group Ethereal 0.9.1
- Ethereal Group Ethereal 0.9.2
- Ethereal Group Ethereal 0.9.3
- Ethereal Group Ethereal 0.9.4
- Ethereal Group Ethereal 0.9.5
- Ethereal Group Ethereal 0.9.6
- Ethereal Group Ethereal 0.9.7
- Ethereal Group Ethereal 0.9.8
- Ethereal Group Ethereal 0.9.9
- Ethereal Group Ethereal 0.9
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2005-1460, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2005-1460 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.