CVE-2005-1461

Name of the Vulnerable Software and Affected Versions: Ethereal versions prior to 0.10.11

Description: The issue is related to multiple buffer overflows in various protocol dissectors in Ethereal, including SIP, CMIP, CMP, CMS, CRMF, ESS, OCSP, X.509, ISIS, DISTCC, FCELS, Q.931, NCP, TCAP, ISUP, MEGACO, PKIX1Explicit, PKIX Qualified, and Presentation. This could allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.

Recommendations: For Ethereal versions prior to 0.10.11, update to version 0.10.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable protocol dissectors until a patch is available.