CVE-2005-0807

critical

Description

Multiple buffer overflows in Cain & Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID field that is not properly handled by the PSK sniffer filter, (2) the HTTP sniffer filter, or the (3) POP3, (4) SMTP, (5) IMAP, (6) NNTP, or (7) TDS sniffer filters.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/19744

https://exchange.xforce.ibmcloud.com/vulnerabilities/19742

http://www.securityfocus.com/bid/12840

http://www.oxid.it/

http://securitytracker.com/id?1013476

http://secunia.com/advisories/14630

http://marc.info/?l=bugtraq&m=111116097313427&w=2

Details

Source: Mitre, NVD

Published: 2005-05-02

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.03243