CVE-2011-3369

The add_conversation function in conversations.c in EtherApe before 0.9.12 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RPC packet, related to the get_rpc function in decode_proto.c.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 74%
VendorProductVersion
juan_toledoetherape
𝑥
≤ 0.9.11
juan_toledoetherape
0.0.1
juan_toledoetherape
0.0.2
juan_toledoetherape
0.0.3
juan_toledoetherape
0.0.4
juan_toledoetherape
0.0.5
juan_toledoetherape
0.0.6
juan_toledoetherape
0.0.7
juan_toledoetherape
0.0.8
juan_toledoetherape
0.1.0
juan_toledoetherape
0.1.1
juan_toledoetherape
0.1.2
juan_toledoetherape
0.1.3
juan_toledoetherape
0.1.4
juan_toledoetherape
0.1.5
juan_toledoetherape
0.1.6
juan_toledoetherape
0.1.7
juan_toledoetherape
0.1.8
juan_toledoetherape
0.1.9
juan_toledoetherape
0.2.0
juan_toledoetherape
0.2.1
juan_toledoetherape
0.2.2
juan_toledoetherape
0.2.3
juan_toledoetherape
0.2.4
juan_toledoetherape
0.2.5
juan_toledoetherape
0.2.6
juan_toledoetherape
0.2.7
juan_toledoetherape
0.2.8
juan_toledoetherape
0.2.9
juan_toledoetherape
0.2.10
juan_toledoetherape
0.2.11
juan_toledoetherape
0.3.0
juan_toledoetherape
0.3.1
juan_toledoetherape
0.3.2
juan_toledoetherape
0.3.3
juan_toledoetherape
0.3.4
juan_toledoetherape
0.3.5
juan_toledoetherape
0.3.6
juan_toledoetherape
0.3.7
juan_toledoetherape
0.3.8
juan_toledoetherape
0.3.9
juan_toledoetherape
0.4.0
juan_toledoetherape
0.4.1
juan_toledoetherape
0.4.2
juan_toledoetherape
0.4.3
juan_toledoetherape
0.4.4
juan_toledoetherape
0.4.5
juan_toledoetherape
0.4.6
juan_toledoetherape
0.4.7
juan_toledoetherape
0.5.0
juan_toledoetherape
0.5.1
juan_toledoetherape
0.5.2
juan_toledoetherape
0.5.3
juan_toledoetherape
0.5.4
juan_toledoetherape
0.5.5
juan_toledoetherape
0.5.6
juan_toledoetherape
0.5.7
juan_toledoetherape
0.5.8
juan_toledoetherape
0.5.9
juan_toledoetherape
0.6.0
juan_toledoetherape
0.6.1
juan_toledoetherape
0.6.2
juan_toledoetherape
0.6.3
juan_toledoetherape
0.6.4
juan_toledoetherape
0.6.5
juan_toledoetherape
0.6.6
juan_toledoetherape
0.6.7
juan_toledoetherape
0.6.8
juan_toledoetherape
0.6.9
juan_toledoetherape
0.7.0
juan_toledoetherape
0.7.1
juan_toledoetherape
0.7.2
juan_toledoetherape
0.7.3
juan_toledoetherape
0.7.4
juan_toledoetherape
0.7.5
juan_toledoetherape
0.7.6
juan_toledoetherape
0.7.7
juan_toledoetherape
0.7.8
juan_toledoetherape
0.8.0
juan_toledoetherape
0.8.1
juan_toledoetherape
0.8.2
juan_toledoetherape
0.9.0
juan_toledoetherape
0.9.1
juan_toledoetherape
0.9.2
juan_toledoetherape
0.9.3
juan_toledoetherape
0.9.4
juan_toledoetherape
0.9.5
juan_toledoetherape
0.9.6
juan_toledoetherape
0.9.7
juan_toledoetherape
0.9.8
juan_toledoetherape
0.9.9
juan_toledoetherape
0.9.10
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
etherape
bullseye
0.9.19-2
fixed
lenny
no-dsa
bookworm
0.9.20-2
fixed
sid
0.9.20-2
fixed
trixie
0.9.20-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
etherape
saucy
not-affected
raring
not-affected
quantal
not-affected
precise
not-affected
oneiric
ignored
natty
ignored
maverick
ignored
lucid
ignored
hardy
ignored
References
http://etherape.sourceforge.net/NEWS.html
http://secunia.com/advisories/45989
http://sourceforge.net/tracker/?func=detail&aid=3309061&group_id=2712&atid=102712
http://www.openwall.com/lists/oss-security/2011/09/19/4
http://www.openwall.com/lists/oss-security/2011/09/22/1
http://etherape.sourceforge.net/NEWS.html
http://secunia.com/advisories/45989
http://sourceforge.net/tracker/?func=detail&aid=3309061&group_id=2712&atid=102712
http://www.openwall.com/lists/oss-security/2011/09/19/4
http://www.openwall.com/lists/oss-security/2011/09/22/1