{"vuid":"VU#695486","idnumber":"695486","name":"Ethereal fails to properly handle malformed color filter files","keywords":["Ethereal","DoS","denial of service","malformed color filter file","segmentation fault"],"overview":"Ethereal fails to properly handle malformed color filter files, which could allow an attacker to cause a segmentation fault.","clean_desc":"Ethereal is a network traffic analysis package. It provides a feature that allows a user to customize the foreground and background colors of packet information that is displayed. There is a vulnerability in the way Ethereal handles color filter files. A local attacker could exploit this vulnerability by creating a malformed color filter.","impact":"A local attacker could cause a segmentation fault in Ethereal, leading to a denial of service.","resolution":"Upgrade\nUpgrade to version 0.10.3 or later. Note: Ethereal is considered BETA software at this time.","workarounds":"","sysaffected":"","thanks":"This vulnerability was reported by the developers of Ethereal.","author":"This document was written by Damon Morda.","public":["http://www.ethereal.com/appnotes/enpa-sa-00013.html","http://secunia.com/advisories/11185/","http://www.ethereal.com/docs/man-pages/ethereal.1.html"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2004-03-23T14:48:46Z","publicdate":"2004-03-22T00:00:00Z","datefirstpublished":"2004-03-24T15:10:50Z","dateupdated":"2004-04-05T20:45:31Z","revision":12,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"7","cam_impact":"3","cam_easeofexploitation":"17","cam_attackeraccessrequired":"10","cam_scorecurrent":"1.33875","cam_scorecurrentwidelyknown":"1.6734375","cam_scorecurrentwidelyknownexploited":"3.0121875","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":1.33875,"vulnote":null}