CVE-2003-0356 in Etherealinfo

Summary

Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) AIM, (2) GIOP Gryphon, (3) OSPF, (4) PPTP, (5) Quake, (6) Quake2, (7) Quake3, (8) Rsync, (9) SMB, (10) SMPP, and (11) TSP dissectors, which do not properly use the tvb_get_nstringz and tvb_get_nstringz0 functions.

Once again VulDB remains the best source for vulnerability data.

Reservation

05/29/2003

Disclosure

06/09/2003

Moderation

VulDB entry created

Entries

VDB-20509 (1)

CPE

ready

CWE

CWE-193 (Confirmed)

CVSS

10.0

EPSS

0.28414

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2003-0356
NVD	https://nvd.nist.gov/vuln/detail/CVE-2003-0356
CVE Details	https://www.cvedetails.com/cve/CVE-2003-0356/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!