| CVE names | Description |
| --- | --- |
| CVE-2005-3243, CVE-2005-2367, CVE-2005-1461, CVE-2005-0699 | Exploits for several vulnerabilities in Ethereal. For these to be exploited, a victim with privileges (root) would have to be running Ethereal and monitoring a network onto which an attacker could inject carefully crafted malicious packets. The protocols affected by the vulnerabilities (SLIMP3, AFP, SIP, and RADIUS) are unlikely to be allowed through a border firewall, so the ability to exploit this flaw remotely is restricted. Additionally, attempts to remotely exploit this flaw should be caught by Exec-Shield. |
| CVE-2005-2710 | An exploit for a format string vulnerability in Helixplayer. An attacker could create a carefully crafted media file that would execute arbitrary code when opened by a victim. Since Helixplayer can be embedded within a web browser, this flaw could be triggered by a victim simply visiting a malicious web page. Any code execution would, however, be limited to running with the same rights as the user running the vulnerable browser. |
| CVE-2005-1261 | An exploit for a flaw in the Gaim instant messaging client. For some instant messaging protocols, an attacker could send a carefully crafted message which could trigger the flaw and cause code execution. The public exploit is only a proof of concept and causes a crash. In addition, attempts to remotely exploit this flaw should be caught by Exec-Shield. |
| CVE-2005-0156 | An exploit for a flaw in the setuid perl package. Where perl-setuid is installed, an unprivileged local user could gain root privileges. The exploit as published needs minor changes to work on Enterprise Linux 4 systems. |

Table 6. Exploits for user-complicit flaws
