VDB
CVE-2005-3651
CVE-2005-3651
PUBLISHED
CVSS 7.5 HIGH
Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.
EPSS 5.20% · 90.1th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
5.20%
90.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ethereal_group | ethereal | 0.7.7, 0.8, 0.8.5 |
| n/a | n/a | * |
Timeline
- Dec 10, 2005 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 3, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- SUSE-SR:2006:004 vendor-advisory
- 1015337 vdb
- 18911 third-party-advisory
- 19230 third-party-advisory
- 18012 third-party-advisory
- 15794 vdb
- DSA-920 vendor-advisory
- RHSA-2006:0156 vendor-advisory
- http://www.ethereal.com/appnotes/enpa-sa-00022.html url
- oval:org.mitre.oval:def:11286 vdb
- 17973 third-party-advisory
- GLSA-200512-06 vendor-advisory
- http://anonsvn.ethereal.com/viewcvs/viewcvs.py/trunk/epan/dissectors/packet-ospf.c url
- MDKSA-2006:002 vendor-advisory
- 20051209 Ethereal OSPF Protocol Dissector Buffer Overflow Vulnerability third-party-advisory
- ADV-2005-2830 vdb
- 18062 third-party-advisory
- 20060201-01-U vendor-advisory
- MDKSA-2005:227 vendor-advisory
- 19012 third-party-advisory
…and 4 more