• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Ethereal RADIUS Authentication Dissection Buffer Overflow Vulnerability

Bugtraq ID:	12759
Class:	Boundary Condition Error
CVE:	CVE-2005-0699
Remote:	Yes
Local:	No
Published:	Mar 08 2005 12:00AM
Updated:	Jul 31 2006 11:56PM
Credit:	Both Leon Juranic and Diego Giagio <dgiagio@irion.com.br> independently discovery this issue.
Vulnerable:	RedHat Linux 9.0 i386 RedHat Linux 7.3 i686 RedHat Linux 7.3 i386 RedHat Linux 7.3 RedHat Fedora Core2 RedHat Fedora Core1 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux WS 2.1 IA64 RedHat Enterprise Linux WS 2.1 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux ES 2.1 IA64 RedHat Enterprise Linux ES 2.1 RedHat Enterprise Linux AS 4 RedHat Enterprise Linux AS 3 RedHat Enterprise Linux AS 2.1 IA64 RedHat Enterprise Linux AS 2.1 RedHat Desktop 4.0 RedHat Desktop 3.0 RedHat Advanced Workstation for the Itanium Processor 2.1 IA64 RedHat Advanced Workstation for the Itanium Processor 2.1 Ethereal Group Ethereal 0.10.9 + Gentoo Linux Ethereal Group Ethereal 0.10.8 Ethereal Group Ethereal 0.10.7 Ethereal Group Ethereal 0.10.6 + MandrakeSoft Linux Mandrake 10.1 x86_64 + MandrakeSoft Linux Mandrake 10.1 Ethereal Group Ethereal 0.10.5 Ethereal Group Ethereal 0.10.4 Ethereal Group Ethereal 0.10.3 + MandrakeSoft Linux Mandrake 10.0 AMD64 + MandrakeSoft Linux Mandrake 10.0 + RedHat Fedora Core2 + RedHat Fedora Core1 + S.u.S.E. Linux Personal 9.2 + S.u.S.E. Linux Personal 9.1 + S.u.S.E. Linux Personal 9.0 Ethereal Group Ethereal 0.10.2 Ethereal Group Ethereal 0.10.1 Ethereal Group Ethereal 0.10 Conectiva Linux 10.0 Conectiva Linux 9.0 Avaya S8710 R2.0.1 Avaya S8710 R2.0.0 Avaya S8700 R2.0.1 Avaya S8700 R2.0.0 Avaya S8500 R2.0.1 Avaya S8500 R2.0.0 Avaya S8300 R2.0.1 Avaya S8300 R2.0.0 Avaya Converged Communications Server 2.0 ALT Linux ALT Linux Junior 2.3 ALT Linux ALT Linux Compact 2.3
Not Vulnerable:	Ethereal Group Ethereal 0.10 .10 + Debian Linux 3.1 sparc + Debian Linux 3.1 s/390 + Debian Linux 3.1 ppc + Debian Linux 3.1 mipsel + Debian Linux 3.1 mips + Debian Linux 3.1 m68k + Debian Linux 3.1 ia-64 + Debian Linux 3.1 ia-32 + Debian Linux 3.1 hppa + Debian Linux 3.1 arm + Debian Linux 3.1 amd64 + Debian Linux 3.1 alpha + Debian Linux 3.1 + MandrakeSoft Linux Mandrake 10.2 x86_64 + MandrakeSoft Linux Mandrake 10.2 + MandrakeSoft Linux Mandrake 10.1 x86_64 + MandrakeSoft Linux Mandrake 10.1