Executive Summary

Informations
NameCVE-2008-3146First vendor Publication2008-09-02
VendorCveLast vendor Modification2011-03-15

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score10Attack RangeNetwork
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3146

CWE : Common Weakness Enumeration

idName
CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10624
 
Oval ID: oval:org.mitre.oval:def:10624
Title: Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used.
Description: Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used.
Family: unix Class: vulnerability
Reference(s): CVE-2008-3146
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application17

OpenVAS Exploits

DateDescription
2009-10-13Name : SLES10: Security update for ethereal
File : nvt/sles10_ethereal0.nasl
2009-10-10Name : SLES9: Security update for ethereal
File : nvt/sles9p5033780.nasl
2009-04-09Name : Mandriva Update for wireshark MDVSA-2008:199 (wireshark)
File : nvt/gb_mandriva_MDVSA_2008_199.nasl
2009-03-06Name : RedHat Update for wireshark RHSA-2008:0890-01
File : nvt/gb_RHSA-2008_0890-01_wireshark.nasl
2009-02-27Name : CentOS Update for wireshark CESA-2008:0890 centos3 i386
File : nvt/gb_CESA-2008_0890_wireshark_centos3_i386.nasl
2009-02-27Name : CentOS Update for wireshark CESA-2008:0890 centos3 x86_64
File : nvt/gb_CESA-2008_0890_wireshark_centos3_x86_64.nasl
2009-02-27Name : CentOS Update for wireshark CESA-2008:0890 centos4 i386
File : nvt/gb_CESA-2008_0890_wireshark_centos4_i386.nasl
2009-02-27Name : CentOS Update for wireshark CESA-2008:0890 centos4 x86_64
File : nvt/gb_CESA-2008_0890_wireshark_centos4_x86_64.nasl
2009-02-17Name : Fedora Update for wireshark FEDORA-2008-7894
File : nvt/gb_fedora_2008_7894_wireshark_fc8.nasl
2009-02-17Name : Fedora Update for wireshark FEDORA-2008-7936
File : nvt/gb_fedora_2008_7936_wireshark_fc9.nasl
2008-09-28Name : Gentoo Security Advisory GLSA 200809-17 (wireshark)
File : nvt/glsa_200809_17.nasl
2008-09-10Name : Wireshark Multiple Vulnerabilities - Sept08 (Linux)
File : nvt/secpod_wireshark_mult_vuln_sept08_lin_900213.nasl
2008-09-10Name : Wireshark Multiple Vulnerabilities - Sept-08 (Win)
File : nvt/secpod_wireshark_mult_vuln_sept08_win_900212.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
47931Wireshark NCP Dissector Multiple Unspecified Overflows

Nessus® Vulnerability Scanner

DateDescription
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0890.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20081001_wireshark_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2009-09-24Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12225.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote SuSE system is missing a security patch for wireshark
File : suse_11_0_wireshark-080814.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-199.nasl - Type : ACT_GATHER_INFO
2008-10-02Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0890.nasl - Type : ACT_GATHER_INFO
2008-10-02Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0890.nasl - Type : ACT_GATHER_INFO
2008-09-26Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200809-17.nasl - Type : ACT_GATHER_INFO
2008-09-12Name : The remote Fedora host is missing a security update.
File : fedora_2008-7894.nasl - Type : ACT_GATHER_INFO
2008-09-12Name : The remote Fedora host is missing a security update.
File : fedora_2008-7936.nasl - Type : ACT_GATHER_INFO
2008-08-26Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_ethereal-5520.nasl - Type : ACT_GATHER_INFO
2008-08-26Name : The remote SuSE system is missing the security patch wireshark-5515
File : suse_wireshark-5515.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
BUGTRAQhttp://www.securityfocus.com/archive/1/archive/1/496487/100/0/threaded
CONFIRMhttp://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2675
http://support.avaya.com/elmodocs2/security/ASA-2008-392.htm
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0278
http://www.wireshark.org/security/wnpa-sec-2008-05.html
FEDORAhttps://www.redhat.com/archives/fedora-package-announce/2008-September/msg007...
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg007...
GENTOOhttp://security.gentoo.org/glsa/glsa-200809-17.xml
MANDRIVAhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:199
REDHAThttp://www.redhat.com/support/errata/RHSA-2008-0890.html
SECTRACKhttp://www.securitytracker.com/id?1020819
SECUNIAhttp://secunia.com/advisories/31687
http://secunia.com/advisories/31864
http://secunia.com/advisories/31886
http://secunia.com/advisories/32028
http://secunia.com/advisories/32091
SUSEhttp://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
VUPENhttp://www.vupen.com/english/advisories/2008/2773

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 10:45:43
  • Multiple Updates
2013-05-11 00:21:25
  • Multiple Updates