Executive Summary
Summary | |
---|---|
Title | Wireshark: Multiple vulnerabilities |
Information | |||
---|---|---|---|
Name | GLSA-200712-23 | First vendor Publication | 2007-12-30 |
Vendor | Gentoo | Last vendor Modification | 2007-12-30 |
Severity (Vendor) | High | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
Synopsis | Multiple vulnerabilities have been discovered in Wireshark, allowing for the remote execution of arbitrary code and a Denial of Service. |
Availability | http://security.gentoo.org/glsa/glsa-200712-23.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-200712-23.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
20 % | CWE-399 | Resource Management Errors |
10 % | CWE-264 | Permissions, Privileges, and Access Controls |
10 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
10 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10331 | |||
Oval ID: | oval:org.mitre.oval:def:10331 | ||
Title: | Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Firebird/Interbase, but it is already covered by CVE-2007-6116. The DCP ETSI issue is already covered by CVE-2007-6119. | ||
Description: | Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Firebird/Interbase, but it is already covered by CVE-2007-6116. The DCP ETSI issue is already covered by CVE-2007-6119. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6439 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:10452 | |||
Oval ID: | oval:org.mitre.oval:def:10452 | ||
Title: | The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to "unaligned access on some platforms." | ||
Description: | The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to "unaligned access on some platforms." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6441 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:10659 | |||
Oval ID: | oval:org.mitre.oval:def:10659 | ||
Title: | The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors. | ||
Description: | The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6118 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:10708 | |||
Oval ID: | oval:org.mitre.oval:def:10708 | ||
Title: | Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser. | ||
Description: | Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6114 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:11374 | |||
Oval ID: | oval:org.mitre.oval:def:11374 | ||
Title: | Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet. | ||
Description: | Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6121 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:11442 | |||
Oval ID: | oval:org.mitre.oval:def:11442 | ||
Title: | The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | ||
Description: | The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6450 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:11508 | |||
Oval ID: | oval:org.mitre.oval:def:11508 | ||
Title: | Unspecified vulnerability in the HTTP dissector for Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted chunked messages. | ||
Description: | Unspecified vulnerability in the HTTP dissector for Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted chunked messages. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6117 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:11785 | |||
Oval ID: | oval:org.mitre.oval:def:11785 | ||
Title: | Unspecified vulnerability in the SMB dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service via unknown vectors. NOTE: this identifier originally included MP3 and NCP, but those issues are already covered by CVE-2007-6111. | ||
Description: | Unspecified vulnerability in the SMB dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service via unknown vectors. NOTE: this identifier originally included MP3 and NCP, but those issues are already covered by CVE-2007-6111. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6438 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:14126 | |||
Oval ID: | oval:org.mitre.oval:def:14126 | ||
Title: | WiMAX dissector vulnerability in Wireshark 0.99.6 | ||
Description: | The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to "unaligned access on some platforms." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-6441 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Id: oval:org.mitre.oval:def:14561 | |||
Oval ID: | oval:org.mitre.oval:def:14561 | ||
Title: | PPP dissector vulnerability in Wireshark 0.99.6 | ||
Description: | Buffer overflow in the PPP dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-6112 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Id: oval:org.mitre.oval:def:14578 | |||
Oval ID: | oval:org.mitre.oval:def:14578 | ||
Title: | ANSI MAP dissector vulnerability in Wireshark 0.99.5 to 0.99.6 | ||
Description: | Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-6115 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Id: oval:org.mitre.oval:def:14721 | |||
Oval ID: | oval:org.mitre.oval:def:14721 | ||
Title: | DCP ETSI dissector vulnerability in Wireshark 0.99.6 | ||
Description: | The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-6119 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Id: oval:org.mitre.oval:def:14734 | |||
Oval ID: | oval:org.mitre.oval:def:14734 | ||
Title: | SMB dissector vulnerability in Wireshark 0.99.6 | ||
Description: | Unspecified vulnerability in the SMB dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service via unknown vectors. NOTE: this identifier originally included MP3 and NCP, but those issues are already covered by CVE-2007-6111. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-6438 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Id: oval:org.mitre.oval:def:14802 | |||
Oval ID: | oval:org.mitre.oval:def:14802 | ||
Title: | Bluetooth SDP dissector vulnerability in Wireshark 0.99.2 to 0.99.6 | ||
Description: | The Bluetooth SDP dissector in Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-6120 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Id: oval:org.mitre.oval:def:15002 | |||
Oval ID: | oval:org.mitre.oval:def:15002 | ||
Title: | IPv6 or USB dissector vulnerability in Wireshark 0.99.6 | ||
Description: | Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Firebird/Interbase, but it is already covered by CVE-2007-6116. The DCP ETSI issue is already covered by CVE-2007-6119. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-6439 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Id: oval:org.mitre.oval:def:15036 | |||
Oval ID: | oval:org.mitre.oval:def:15036 | ||
Title: | Firebird/Interbase dissector vulnerability in Wireshark 0.99.6 | ||
Description: | The Firebird/Interbase dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite loop or crash) via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-6116 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Id: oval:org.mitre.oval:def:18331 | |||
Oval ID: | oval:org.mitre.oval:def:18331 | ||
Title: | DSA-1414-1 wireshark - several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to denial of service or execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1414-1 CVE-2007-6114 CVE-2007-6117 CVE-2007-6118 CVE-2007-6120 CVE-2007-6121 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | wireshark |
Definition Id: oval:org.mitre.oval:def:20300 | |||
Oval ID: | oval:org.mitre.oval:def:20300 | ||
Title: | DSA-1446-1 wireshark denial of service | ||
Description: | Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to denial of service. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1446-1 CVE-2007-6450 CVE-2007-6451 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | wireshark |
Definition Id: oval:org.mitre.oval:def:22589 | |||
Oval ID: | oval:org.mitre.oval:def:22589 | ||
Title: | ELSA-2008:0058: wireshark security update (Moderate) | ||
Description: | Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger allocation of large amounts of memory. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0058-01 CVE-2007-6111 CVE-2007-6112 CVE-2007-6113 CVE-2007-6114 CVE-2007-6115 CVE-2007-6116 CVE-2007-6117 CVE-2007-6118 CVE-2007-6119 CVE-2007-6120 CVE-2007-6121 CVE-2007-6438 CVE-2007-6439 CVE-2007-6441 CVE-2007-6450 CVE-2007-6451 | Version: | 69 |
Platform(s): | Oracle Linux 5 | Product(s): | libsmi wireshark |
Definition Id: oval:org.mitre.oval:def:8307 | |||
Oval ID: | oval:org.mitre.oval:def:8307 | ||
Title: | DSA-1446 wireshark -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to denial of service. The Common Vulnerabilities and Exposures project identifies the following problems: The RPL dissector could be tricked into an infinite loop. The CIP dissector could be tricked into excessive memory allocation. For the old stable distribution (sarge), these problems have been fixed in version 0.10.10-2sarge11. (In Sarge Wireshark used to be called Ethereal). For the stable distribution (etch), these problems have been fixed in version 0.99.4-5.etch.2. For the unstable distribution (sid), these problems have been fixed in version 0.99.7-1. We recommend that you upgrade your wireshark packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1446 CVE-2007-6450 CVE-2007-6451 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 Debian GNU/Linux 3.1 | Product(s): | wireshark |
Definition Id: oval:org.mitre.oval:def:9048 | |||
Oval ID: | oval:org.mitre.oval:def:9048 | ||
Title: | Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP dissector. | ||
Description: | Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP dissector. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6111 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:9488 | |||
Oval ID: | oval:org.mitre.oval:def:9488 | ||
Title: | The Bluetooth SDP dissector in Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | ||
Description: | The Bluetooth SDP dissector in Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6120 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:9685 | |||
Oval ID: | oval:org.mitre.oval:def:9685 | ||
Title: | Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger allocation of large amounts of memory. | ||
Description: | Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger allocation of large amounts of memory. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6451 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:9726 | |||
Oval ID: | oval:org.mitre.oval:def:9726 | ||
Title: | Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors. | ||
Description: | Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6115 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:9772 | |||
Oval ID: | oval:org.mitre.oval:def:9772 | ||
Title: | Buffer overflow in the PPP dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. | ||
Description: | Buffer overflow in the PPP dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6112 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:9799 | |||
Oval ID: | oval:org.mitre.oval:def:9799 | ||
Title: | The Firebird/Interbase dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite loop or crash) via unknown vectors. | ||
Description: | The Firebird/Interbase dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite loop or crash) via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6116 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:9841 | |||
Oval ID: | oval:org.mitre.oval:def:9841 | ||
Title: | Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet. | ||
Description: | Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6113 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:9880 | |||
Oval ID: | oval:org.mitre.oval:def:9880 | ||
Title: | The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors. | ||
Description: | The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6119 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
OpenVAS Exploits
Date | Description |
---|---|
2009-04-09 | Name : Mandriva Update for wireshark MDVSA-2008:001-1 (wireshark) File : nvt/gb_mandriva_MDVSA_2008_001_1.nasl |
2009-04-09 | Name : Mandriva Update for wireshark MDVSA-2008:1 (wireshark) File : nvt/gb_mandriva_MDVSA_2008_1.nasl |
2009-03-06 | Name : RedHat Update for wireshark RHSA-2008:0058-01 File : nvt/gb_RHSA-2008_0058-01_wireshark.nasl |
2009-03-06 | Name : RedHat Update for wireshark RHSA-2008:0059-01 File : nvt/gb_RHSA-2008_0059-01_wireshark.nasl |
2009-02-27 | Name : CentOS Update for libsmi CESA-2008:0058 centos4 i386 File : nvt/gb_CESA-2008_0058_libsmi_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for libsmi CESA-2008:0058 centos4 x86_64 File : nvt/gb_CESA-2008_0058_libsmi_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for libsmi CESA-2008:0059 centos3 i386 File : nvt/gb_CESA-2008_0059_libsmi_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for libsmi CESA-2008:0059 centos3 x86_64 File : nvt/gb_CESA-2008_0059_libsmi_centos3_x86_64.nasl |
2009-02-27 | Name : Fedora Update for wireshark FEDORA-2007-4590 File : nvt/gb_fedora_2007_4590_wireshark_fc8.nasl |
2009-02-27 | Name : Fedora Update for wireshark FEDORA-2007-4690 File : nvt/gb_fedora_2007_4690_wireshark_fc7.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200712-23 (wireshark) File : nvt/glsa_200712_23.nasl |
2008-09-04 | Name : wireshark -- multiple vulnerabilities File : nvt/freebsd_wireshark0.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1414-1 (wireshark) File : nvt/deb_1414_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1446-1 (wireshark) File : nvt/deb_1446_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
40468 | Wireshark iSeries (OS/400) Communication Trace File Parser Unspecified Remote... |
40467 | Wireshark SSL Dissector Unspecified Remote Overflow |
40466 | Wireshark MP3 File Handling Unspecified Remote DoS |
40465 | Wireshark NCP Dissector Unspecified Remote DoS |
40464 | Wireshark DCP ETSI Dissector Unspecified Remote DoS |
40463 | Wireshark SMB Dissector Unspecified Remote DoS |
40462 | Wireshark USB Dissector Unspecified Remote Resource Consumption DoS |
40461 | Wireshark IPv6 Dissector Unspecified Remote Resource Consumption DoS |
40460 | Wireshark WiMAX Dissector Unspecified Remote DoS |
40459 | Wireshark RPL Dissector Unspecified Remote Infinite Loop DoS |
40458 | Wireshark CIP Dissector Unspecified Remote Memory Consumption DoS |
40457 | Wireshark PPP Dissector Unspecified Remote Overflow |
40456 | Wireshark DNP3 Dissector Malformed Packet Handling Remote Infinite Loop DoS |
40455 | Wireshark ANSI MAP Dissector Unspecified Remote Overflow |
40454 | Wireshark Firebird/Interbase Dissector Unspecified Infinite Loop Remote DoS |
40453 | Wireshark HTTP Dissector Chunked Message Handling Unspecified Remote Issue |
40452 | Wireshark MEGACO Dissector Unspecified Remote DoS |
40451 | Wireshark Malformed RPC Portmap Packet Handling Remote DoS |
40450 | Wireshark Bluetooth SDP Dissector Unspecified Infinite Loop Remote DoS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0058.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0059.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080121_wireshark_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0058.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-001.nasl - Type : ACT_GATHER_INFO |
2008-01-22 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0059.nasl - Type : ACT_GATHER_INFO |
2008-01-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0058.nasl - Type : ACT_GATHER_INFO |
2008-01-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0059.nasl - Type : ACT_GATHER_INFO |
2008-01-04 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1446.nasl - Type : ACT_GATHER_INFO |
2007-12-31 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200712-23.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote Fedora host is missing a security update. File : fedora_2007-4590.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote Fedora host is missing a security update. File : fedora_2007-4690.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_8a835235ae8411dca5f9001a4d49522b.nasl - Type : ACT_GATHER_INFO |
2007-11-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1414.nasl - Type : ACT_GATHER_INFO |
2007-07-11 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-145.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:35:26 |
|