CVE-ID

CVE-2002-0353

• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description
The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possibly due to zero-length fields.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Date Entry Created
20020501 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (20020817-01)
Votes (Legacy)
ACCEPT(4) Armstrong, Cole, Cox, Green
MODIFY(1) Frech
NOOP(3) Christey, Foat, Wall
Comments (Legacy)
 Christey> DEBIAN:DSA-130
 Christey> REDHAT:RHSA-2002:088
   URL:http://www.redhat.com/support/errata/RHSA-2002-088.html
   BID:4604
   URL:http://www.securityfocus.com/bid/4604
 Christey> XF:ethereal-asn1-dos(8952)
   URL:http://www.iss.net/security_center/static/8952.php
 Frech> XF:ethereal-asn1-dos(8952)
 Christey> CALDERA:CSSA-2002-037.0
   URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-037.0.txt
 Christey> REDHAT:RHSA-2002:036
   URL:http://www.redhat.com/support/errata/RHSA-2002-036.html

Proposed (Legacy)
20020502
This is an entry on the CVE list, which standardizes names for security problems.