CVE-2002-0401
7.5
CVSS Score
High
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Link copied!
Description
SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer.
CVSS Vector Details
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Affected Software Configurations
- a ethereal ethereal * * * * * * * *
- o debian debian_linux 2.2 * * * * * * *
Weaknesses (CWE)
- CWE-476
References & External Links
- ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-037.0.txt
- http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000505
- http://marc.info/?l=bugtraq&m=102268626526119&w=2
- http://www.debian.org/security/2002/dsa-130
- http://www.ethereal.com/appnotes/enpa-sa-00004.html
- http://www.iss.net/security_center/static/9204.php
- http://www.redhat.com/support/errata/RHSA-2002-036.html
- http://www.redhat.com/support/errata/RHSA-2002-088.html
- http://www.securityfocus.com/bid/4806
- ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-037.0.txt
- http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000505
- http://marc.info/?l=bugtraq&m=102268626526119&w=2
- http://www.debian.org/security/2002/dsa-130
- http://www.ethereal.com/appnotes/enpa-sa-00004.html
- http://www.iss.net/security_center/static/9204.php
- http://www.redhat.com/support/errata/RHSA-2002-036.html
- http://www.redhat.com/support/errata/RHSA-2002-088.html
- http://www.securityfocus.com/bid/4806
External Resources
CVE History Timeline
Jan 01, 2004 05:00
Initial Analysis
Oct 18, 2016 02:20
CVE Modified
Feb 14, 2024 01:17
Reference Tag Update
Feb 16, 2024 17:07
Modified Analysis
May 14, 2024 01:20
CVE Modified
Nov 20, 2024 23:39
CVE Modified