PT-2004-1726 · Ethereal · Ethereal

Published

2004-07-08

Updated

2024-02-14

CVE-2004-0634

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Ethereal versions 0.9.15 through 0.10.4

Description The issue allows remote attackers to cause a denial of service, resulting in a process crash, by exploiting the SMB SID snooping capability via a handle without a policy name, leading to a null dereference.

Recommendations For Ethereal versions 0.9.15 through 0.10.4, consider disabling the SMB SID snooping capability as a temporary workaround to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-0634

RHSA-2004:378

Affected Products

Ethereal

PT-2004-1726 · Ethereal · Ethereal

CVE-2004-0634

Related Identifiers

Affected Products

References · 14