Buffer Overflow in Ethereal Affects Multiple Versions
CVE-2005-3243

Currently unrated

Key Information:

Vendor: Ethereal Group
Status: Ethereal
Vendor: CVE Published:; 27 October 2005

🔔 Create Ethereal Group Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 20%

What is CVE-2005-3243?

Ethereal, a network protocol analyzer, suffers from multiple buffer overflow vulnerabilities in versions 0.10.12 and earlier. These vulnerabilities could be exploited by remote attackers to execute arbitrary code on the affected systems through unknown vectors, particularly via SLIMP3 and AgentX dissectors. Users of Ethereal are advised to upgrade to the latest version to mitigate potential security risks.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2005-3243 - Proof of Concept

References

http://www.redhat.com/support/errata/RHSA-2005-809.html

vendor-advisoryx_refsource_REDHAT

http://secunia.com/advisories/17327

third-party-advisoryx_refsource_SECUNIA

http://www.gentoo.org/security/en/glsa/glsa-200510-25.xml

vendor-advisoryx_refsource_GENTOO

EPSS Score

20% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Oct 27, 2005
👾
Exploit known to exist
Oct 27, 2005
Vulnerability published
Oct 27, 2005
Vulnerability Reserved
Oct 17, 2005

CVE-2005-3243 Data

JSON