Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Ethereal 0.9.7 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed packets to the (1) LMP, (2) PPP, or (3) TDS dissectors, possibly related to a missing field for EndVerifyAck messages.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ethereal LMP解析器畸形包内存破坏漏洞
Vulnerability Description
Ethereal是一款免费开放源代码的网络协议分析程序,可使用在Unix和Windows操作系统下。 Ethereal中的LMP解析器在处理畸形LMP包时存在漏洞,远程攻击者利用这个漏洞进行缓冲区溢出攻击,可能以Ethereal进程权限在系统上执行任意指令。 Ethereal中的LMP解析器用于解析LMP协议的机制。攻击者可以构建畸形的LMP消息包并提交给有Ethereal监听的网络中,可导致Ethereal产生缓冲区溢出,精心构建提交的包可能以Ethereal权限在系统上执行任意指令。
CVSS Information
N/A
Vulnerability Type
N/A