Summary
This host is installed with EtherApe and is prone to denial of service vulnerabilities.
Impact
Successful exploitation allows remote attackers to cause a NULL pointer dereference or cause a denial of service.
Impact Level: Application
Solution
Upgrade to EtherApe version 0.9.12 or later,
For updates refer to http://etherape.sourceforge.net/
Insight
The flaw is due to an error in the add_conversation function in 'conversations.c' when processing specially crafted RPC packet.
Affected
EtherApe version prior to 0.9.12
References
- http://etherape.sourceforge.net/NEWS.html
- http://osvdb.org/show/osvdb/75609
- http://secunia.com/advisories/45989
- http://sourceforge.net/tracker/?func=detail&aid=3309061&group_id=2712&atid=102712
- http://www.openwall.com/lists/oss-security/2011/09/19/4
- http://www.openwall.com/lists/oss-security/2011/09/22/1
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2011-3369 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Django Forms Library Algorithmic Complexity Vulnerability
- Comodo Internet Security Denial of Service Vulnerability-03
- Apache Input Header Folding and mod_ssl ssl_io_filter_cleanup DoS Vulnerabilities
- Apache Tomcat Content-Type Header Denial Of Service Vulnerability
- Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Windows)