Skip to content
High Published: May 04, 2004 Modified: Apr 03, 2025

CVE-2004-0365

7.5 CVSS Score High
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Export CVE-2004-0365 Data:
Share:
Link copied!

Description

The dissect_attribute_value_pairs function in packet-radius.c for Ethereal 0.8.13 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a malformed RADIUS packet that triggers a null dereference.

CVSS Vector Details

Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Affected Software Configurations

  • a ethereal ethereal * * * * * * * *

Weaknesses (CWE)

  • CWE-476

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

Related Vulnerabilities

CVE-2001-1559 CVSS 5.5 Same weakness: CWE-476 CVE-2002-0401 CVSS 7.5 Same weakness: CWE-476 CVE-2002-1912 CVSS 7.5 Same weakness: CWE-476 CVE-2003-1000 CVSS 7.5 Same weakness: CWE-476 CVE-2003-1013 CVSS 7.5 Same weakness: CWE-476

CVE History Timeline

Jan 01, 2004 05:00 Initial Analysis
Oct 18, 2016 02:44 CVE Modified
Jul 11, 2017 01:30 CVE Modified
Oct 11, 2017 01:29 CVE Modified
Dec 28, 2023 15:33 Modified Analysis
Feb 14, 2024 01:17 Reference Tag Update
May 14, 2024 01:25 CVE Modified
Nov 20, 2024 23:48 CVE Modified
← Back to CVE Tracker