CVE-2005-3651
NONE EPSS 92.6%
Published Dec 10, 200520y ago · Modified Jun 16, 20262w ago
Published Dec 10, 2005 20y ago
Last Modified Jun 16, 2026 2w ago
Description
Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.
Threat Intelligence
EPSS Exploit Probability
92.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 39
| Vendor | Product | Version | Range |
|---|---|---|---|
| ethereal_group | ethereal | 0.7.7 | any |
| ethereal_group | ethereal | 0.8 | any |
| ethereal_group | ethereal | 0.8.5 | any |
| ethereal_group | ethereal | 0.8.13 | any |
| ethereal_group | ethereal | 0.8.14 | any |
| ethereal_group | ethereal | 0.8.15 | any |
| ethereal_group | ethereal | 0.8.18 | any |
| ethereal_group | ethereal | 0.8.19 | any |
| ethereal_group | ethereal | 0.9 | any |
| ethereal_group | ethereal | 0.9.1 | any |
| ethereal_group | ethereal | 0.9.2 | any |
| ethereal_group | ethereal | 0.9.3 | any |
| ethereal_group | ethereal | 0.9.4 | any |
| ethereal_group | ethereal | 0.9.5 | any |
| ethereal_group | ethereal | 0.9.6 | any |
| ethereal_group | ethereal | 0.9.7 | any |
| ethereal_group | ethereal | 0.9.8 | any |
| ethereal_group | ethereal | 0.9.9 | any |
| ethereal_group | ethereal | 0.9.10 | any |
| ethereal_group | ethereal | 0.9.11 | any |
| ethereal_group | ethereal | 0.9.12 | any |
| ethereal_group | ethereal | 0.9.13 | any |
| ethereal_group | ethereal | 0.9.14 | any |
| ethereal_group | ethereal | 0.9.15 | any |
| ethereal_group | ethereal | 0.9.16 | any |
| ethereal_group | ethereal | 0.10 | any |
| ethereal_group | ethereal | 0.10.1 | any |
| ethereal_group | ethereal | 0.10.2 | any |
| ethereal_group | ethereal | 0.10.3 | any |
| ethereal_group | ethereal | 0.10.4 | any |
| ethereal_group | ethereal | 0.10.5 | any |
| ethereal_group | ethereal | 0.10.6 | any |
| ethereal_group | ethereal | 0.10.7 | any |
| ethereal_group | ethereal | 0.10.8 | any |
| ethereal_group | ethereal | 0.10.9 | any |
| ethereal_group | ethereal | 0.10.10 | any |
| ethereal_group | ethereal | 0.10.11 | any |
| ethereal_group | ethereal | 0.10.12 | any |
| ethereal_group | ethereal | 0.10.13 | any |
References 23
- patches.sgi.com ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
- anonsvn.ethereal.com http://anonsvn.ethereal.com/viewcvs/viewcvs.py/trunk/epan/dissectors/packet-ospf.c
- lists.suse.de http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html
- secunia.com http://secunia.com/advisories/17973
- secunia.com http://secunia.com/advisories/18012
- secunia.com http://secunia.com/advisories/18062
- secunia.com http://secunia.com/advisories/18331
- secunia.com http://secunia.com/advisories/18426
- secunia.com http://secunia.com/advisories/18911
- secunia.com http://secunia.com/advisories/19012
- secunia.com http://secunia.com/advisories/19230
- securityreason.com http://securityreason.com/securityalert/247
- securitytracker.com http://securitytracker.com/id?1015337
- debian.org http://www.debian.org/security/2005/dsa-920
- ethereal.com http://www.ethereal.com/appnotes/enpa-sa-00022.html
- gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200512-06.xml
- idefense.com http://www.idefense.com/application/poi/display?id=349&type=vulnerabilities
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2005:227
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:002
- redhat.com http://www.redhat.com/support/errata/RHSA-2006-0156.html
- securityfocus.com http://www.securityfocus.com/bid/15794
- vupen.com http://www.vupen.com/english/advisories/2005/2830
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11286
Remediation
- idefense.com http://www.idefense.com/application/poi/display?id=349&type=vulnerabilities
- securityfocus.com http://www.securityfocus.com/bid/15794