CVE-2005-3651

Summary

CVE	CVE-2005-3651
State	PUBLISHED
Assigner	mitre
Source Priority	CVE Program / NVD first with legacy fallback
Published	2005-12-10 11:03:00 UTC
Updated	2025-04-03 01:03:51 UTC
Description	Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.

Risk And Classification

Primary CVSS: v2.0 7.5 from [email protected]

AV:N/AC:L/Au:N/C:P/I:P/A:P

Problem Types: NVD-CWE-Other | n/a

CVSS v2.0 Breakdown

Access Vector

Network

Access Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Ethereal Group	Ethereal	0.10	All	All	All
Application	Ethereal Group	Ethereal	0.10.1	All	All	All
Application	Ethereal Group	Ethereal	0.10.10	All	All	All
Application	Ethereal Group	Ethereal	0.10.11	All	All	All
Application	Ethereal Group	Ethereal	0.10.12	All	All	All
Application	Ethereal Group	Ethereal	0.10.13	All	All	All
Application	Ethereal Group	Ethereal	0.10.2	All	All	All
Application	Ethereal Group	Ethereal	0.10.3	All	All	All
Application	Ethereal Group	Ethereal	0.10.4	All	All	All
Application	Ethereal Group	Ethereal	0.10.5	All	All	All
Application	Ethereal Group	Ethereal	0.10.6	All	All	All
Application	Ethereal Group	Ethereal	0.10.7	All	All	All
Application	Ethereal Group	Ethereal	0.10.8	All	All	All
Application	Ethereal Group	Ethereal	0.10.9	All	All	All
Application	Ethereal Group	Ethereal	0.7.7	All	All	All
Application	Ethereal Group	Ethereal	0.8	All	All	All
Application	Ethereal Group	Ethereal	0.8.13	All	All	All
Application	Ethereal Group	Ethereal	0.8.14	All	All	All
Application	Ethereal Group	Ethereal	0.8.15	All	All	All
Application	Ethereal Group	Ethereal	0.8.18	All	All	All
Application	Ethereal Group	Ethereal	0.8.19	All	All	All
Application	Ethereal Group	Ethereal	0.8.5	All	All	All
Application	Ethereal Group	Ethereal	0.9	All	All	All
Application	Ethereal Group	Ethereal	0.9.1	All	All	All
Application	Ethereal Group	Ethereal	0.9.10	All	All	All
Application	Ethereal Group	Ethereal	0.9.11	All	All	All
Application	Ethereal Group	Ethereal	0.9.12	All	All	All
Application	Ethereal Group	Ethereal	0.9.13	All	All	All
Application	Ethereal Group	Ethereal	0.9.14	All	All	All
Application	Ethereal Group	Ethereal	0.9.15	All	All	All
Application	Ethereal Group	Ethereal	0.9.16	All	All	All
Application	Ethereal Group	Ethereal	0.9.2	All	All	All
Application	Ethereal Group	Ethereal	0.9.3	All	All	All
Application	Ethereal Group	Ethereal	0.9.4	All	All	All
Application	Ethereal Group	Ethereal	0.9.5	All	All	All
Application	Ethereal Group	Ethereal	0.9.6	All	All	All
Application	Ethereal Group	Ethereal	0.9.7	All	All	All
Application	Ethereal Group	Ethereal	0.9.8	All	All	All
Application	Ethereal Group	Ethereal	0.9.9	All	All	All

Vendor Declared Affected Products

Source	Vendor	Product	Version	Platforms
CNA	Na	N/a	affected n/a	Not specified

References

Reference	Source	Link	Tags
Advisories - Mandriva Linux	af854a3a-2127-422b-91ae-364da2661108	www.mandriva.com
Ethereal OSPF Protocol Dissection Stack Buffer Overflow Vulnerability	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com	Patch
SuSE Security announcements: [suse-security-announce] SUSE Security Summary Report SUSE-SR:2006:004	af854a3a-2127-422b-91ae-364da2661108	lists.suse.de
Secunia - Advisories - Gentoo update for ethereal	af854a3a-2127-422b-91ae-364da2661108	secunia.com
Ethereal Buffer Overflow in OSPF Dissector dissect_ospf_v3_address_prefix() Function May Permit Remote Code Execution - SecurityTracker	af854a3a-2127-422b-91ae-364da2661108	securitytracker.com
patches.sgi.com/support/free/security/advisories/20060201-01-U	af854a3a-2127-422b-91ae-364da2661108	patches.sgi.com
Secunia - Advisories - Red Hat update for ethereal	af854a3a-2127-422b-91ae-364da2661108	secunia.com
Ethereal: enpa-sa-00022	af854a3a-2127-422b-91ae-364da2661108	www.ethereal.com	URL Repurposed
SUSE Updates for Multiple Packages - Advisories - Secunia	af854a3a-2127-422b-91ae-364da2661108	secunia.com
Advisories - Mandriva Linux	af854a3a-2127-422b-91ae-364da2661108	www.mandriva.com
Ethereal - This Ultra Rare Brand Concept is Available for Purchase.	af854a3a-2127-422b-91ae-364da2661108	anonsvn.ethereal.com	URL Repurposed
SGI Advanced Linux Environment Multiple Updates - Advisories - Secunia	af854a3a-2127-422b-91ae-364da2661108	secunia.com
Gentoo Linux Documentation -- Ethereal: Buffer overflow in OSPF protocol dissector	af854a3a-2127-422b-91ae-364da2661108	www.gentoo.org
Repository / Oval Repository	af854a3a-2127-422b-91ae-364da2661108	oval.cisecurity.org
Secunia - Advisories - Ethereal OSPF Protocol Dissector Buffer Overflow Vulnerability	af854a3a-2127-422b-91ae-364da2661108	secunia.com
Secunia - Advisories - Avaya Products Ethereal Vulnerabilities	af854a3a-2127-422b-91ae-364da2661108	secunia.com
SecurityReason - Ethereal OSPF Protocol Dissector Buffer Overflow Vulnerability	af854a3a-2127-422b-91ae-364da2661108	securityreason.com
Debian -- Security Information -- DSA-920-1 ethereal	af854a3a-2127-422b-91ae-364da2661108	www.debian.org
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com
Secunia - Advisories - Fedora update for ethereal	af854a3a-2127-422b-91ae-364da2661108	secunia.com
rhn.redhat.com \| Red Hat Support	af854a3a-2127-422b-91ae-364da2661108	www.redhat.com
Public Advisory: 12.09.05 // iDefense Labs	af854a3a-2127-422b-91ae-364da2661108	www.idefense.com	Patch, Vendor Advisory
Secunia - Advisories - Debian update for ethereal	af854a3a-2127-422b-91ae-364da2661108	secunia.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.