Executive Summary
Summary | |
---|---|
Title | Wireshark: Denial of Service |
Informations | |||
---|---|---|---|
Name | GLSA-200909-16 | First vendor Publication | 2009-09-13 |
Vendor | Gentoo | Last vendor Modification | 2009-09-13 |
Severity (Vendor) | Normal | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.1 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis Multiple vulnerabilities have been discovered in Wireshark which allow for Denial of Service. Background Description * A buffer overflow in the IPMI dissector related to an array index error (CVE-2009-2559). * Multiple unspecified vulnerabilities in the Bluetooth L2CAP, * An unspecified vulnerability in the sFlow dissector (CVE-2009-2561). * An unspecified vulnerability in the AFS dissector (CVE-2009-2562). * An unspecified vulnerability in the Infiniband dissector when running on unspecified platforms (CVE-2009-2563). Impact Workaround Resolution References Availability http://security.gentoo.org/glsa/glsa-200909-16.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-200909-16.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10403 | |||
Oval ID: | oval:org.mitre.oval:def:10403 | ||
Title: | Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later reported that the RADIUS issue also affects 0.10.13 through 1.0.9. | ||
Description: | Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later reported that the RADIUS issue also affects 0.10.13 through 1.0.9. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2560 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11210 | |||
Oval ID: | oval:org.mitre.oval:def:11210 | ||
Title: | Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors. | ||
Description: | Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2563 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11643 | |||
Oval ID: | oval:org.mitre.oval:def:11643 | ||
Title: | Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. | ||
Description: | Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2562 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5625 | |||
Oval ID: | oval:org.mitre.oval:def:5625 | ||
Title: | DOS vulnerability in the AFS dissector in Wireshark. | ||
Description: | Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2562 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5795 | |||
Oval ID: | oval:org.mitre.oval:def:5795 | ||
Title: | DOS vulnerability in the sFlow dissector in Wireshark. | ||
Description: | Unspecified vulnerability in the sFlow dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2561 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6321 | |||
Oval ID: | oval:org.mitre.oval:def:6321 | ||
Title: | DOS vulnerability in the Infiniband dissector in Wireshark. | ||
Description: | Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2563 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6379 | |||
Oval ID: | oval:org.mitre.oval:def:6379 | ||
Title: | Buffer overflow in the IPMI dissector in Wireshark. | ||
Description: | Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an array index error. NOTE: some of these details are obtained from third party information. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2559 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6416 | |||
Oval ID: | oval:org.mitre.oval:def:6416 | ||
Title: | Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause DOS. | ||
Description: | Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later reported that the RADIUS issue also affects 0.10.13 through 1.0.9. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2560 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for wireshark CESA-2010:0360 centos5 i386 File : nvt/gb_CESA-2010_0360_wireshark_centos5_i386.nasl |
2010-04-29 | Name : CentOS Update for wireshark CESA-2010:0360 centos3 i386 File : nvt/gb_CESA-2010_0360_wireshark_centos3_i386.nasl |
2010-04-29 | Name : CentOS Update for wireshark CESA-2010:0360 centos4 i386 File : nvt/gb_CESA-2010_0360_wireshark_centos4_i386.nasl |
2010-04-29 | Name : RedHat Update for wireshark RHSA-2010:0360-01 File : nvt/gb_RHSA-2010_0360-01_wireshark.nasl |
2010-02-08 | Name : Mandriva Update for wireshark MDVSA-2010:031 (wireshark) File : nvt/gb_mandriva_MDVSA_2010_031.nasl |
2009-12-14 | Name : SLES11: Security update for wireshark File : nvt/sles11_wireshark1.nasl |
2009-12-10 | Name : Fedora Core 10 FEDORA-2009-7998 (wireshark) File : nvt/fcore_2009_7998.nasl |
2009-12-10 | Name : Debian Security Advisory DSA 1942-1 (wireshark) File : nvt/deb_1942_1.nasl |
2009-12-03 | Name : SLES10: Security update for ethereal File : nvt/sles10_ethereal4.nasl |
2009-12-03 | Name : Gentoo Security Advisory GLSA 200911-05 (wireshark) File : nvt/glsa_200911_05.nasl |
2009-12-03 | Name : SLES9: Security update for ethereal File : nvt/sles9p5063382.nasl |
2009-11-11 | Name : Fedora Core 11 FEDORA-2009-9837 (wireshark) File : nvt/fcore_2009_9837.nasl |
2009-10-13 | Name : SLES10: Security update for ethereal File : nvt/sles10_ethereal1.nasl |
2009-10-11 | Name : SLES11: Security update for ethereal and wireshark File : nvt/sles11_wireshark0.nasl |
2009-10-10 | Name : SLES9: Security update for ethereal File : nvt/sles9p5056989.nasl |
2009-09-15 | Name : Gentoo Security Advisory GLSA 200909-16 (wireshark) File : nvt/glsa_200909_16.nasl |
2009-09-09 | Name : SuSE Security Summary SUSE-SR:2009:014 File : nvt/suse_sr_2009_014.nasl |
2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:194 (wireshark) File : nvt/mdksa_2009_194.nasl |
2009-07-22 | Name : Wireshark Multiple Vulnerabilities - July09 (Win) File : nvt/secpod_wireshark_mult_vuln_jul09_win.nasl |
2009-07-22 | Name : Wireshark Multiple Vulnerabilities - July09 (Linux) File : nvt/secpod_wireshark_mult_vuln_jul09_lin.nasl |
2009-07-22 | Name : Wireshark Infiniband Dissector Denial of Service Vulnerability (Win) File : nvt/secpod_wireshark_infiniband_dos_vuln_win.nasl |
2009-07-22 | Name : Wireshark Infiniband Dissector Denial of Service Vulnerability (Linux) File : nvt/secpod_wireshark_infiniband_dos_vuln_lin.nasl |
2009-07-22 | Name : Wireshark AFS Dissector Denial of Service Vulnerability (Win) File : nvt/secpod_wireshark_afs_dos_vuln_win.nasl |
2009-07-22 | Name : Wireshark AFS Dissector Denial of Service Vulnerability (Linux) File : nvt/secpod_wireshark_afs_dos_vuln_lin.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
59461 | Wireshark RADIUS Dissector Unspecified DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when an unspecified error in the RADIUS dissector occurs, and will result in loss of availability for the service. |
56022 | Wireshark sFlow Dissector Unspecified Memory/CPU Consumption DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when the sFlow dissector processes packets with more than 1,000,000 items in the tree, and will result in loss of availability for the service. |
56021 | Wireshark MIOP Dissector Unspecified DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when the MIOP dissector processes packets with malformed Unique ID lengths (>=256 bytes), and will result in loss of availability for the service. |
56020 | Wireshark RADIUS Dissector Unspecified DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when specially crafted RADIUS packets are dissected, and will result in loss of availability for the platform. |
56019 | Wireshark Bluetooth L2CAP Dissector Unspecified DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when an unspecified condition occurs, and will result in loss of availability for the service. |
56018 | Wireshark Infiniband Dissector Unspecified DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when an unspecified condition involving the Infiniband dissector occurs, and will result in loss of availability for the platform. |
56017 | Wireshark AFS Dissector Unspecified DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when an unspecified condition related to the AFS dissector occurs, and will result in loss of availability for the service. |
56016 | Wireshark IPMI Dissector Unspecified Overflow A remote overflow exists in Wireshark. Wireshark fails to conduct an unspecified action resulting in a unspecified overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0360.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100420_wireshark_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2011-01-21 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_wireshark-100228.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_ethereal-6628.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0360.nasl - Type : ACT_GATHER_INFO |
2010-04-22 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0360.nasl - Type : ACT_GATHER_INFO |
2010-03-17 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_wireshark-100301.nasl - Type : ACT_GATHER_INFO |
2010-03-17 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_wireshark-100203.nasl - Type : ACT_GATHER_INFO |
2010-03-17 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_wireshark-100203.nasl - Type : ACT_GATHER_INFO |
2010-03-17 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_wireshark-100203.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1942.nasl - Type : ACT_GATHER_INFO |
2010-02-03 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-031.nasl - Type : ACT_GATHER_INFO |
2009-12-09 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_wireshark-091125.nasl - Type : ACT_GATHER_INFO |
2009-12-07 | Name : The remote Fedora host is missing a security update. File : fedora_2009-7998.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12530.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_wireshark-091125.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_wireshark-091125.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_ethereal-6627.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_wireshark-091125.nasl - Type : ACT_GATHER_INFO |
2009-11-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200911-05.nasl - Type : ACT_GATHER_INFO |
2009-11-05 | Name : The remote Fedora host is missing a security update. File : fedora_2009-9837.nasl - Type : ACT_GATHER_INFO |
2009-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_wireshark-6444.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_ethereal-090818.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_ethereal-6443.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12485.nasl - Type : ACT_GATHER_INFO |
2009-09-21 | Name : The remote host has an application that is affected by multiple vulnerabilities. File : wireshark_1_0_9.nasl - Type : ACT_GATHER_INFO |
2009-09-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200909-16.nasl - Type : ACT_GATHER_INFO |
2009-09-02 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_wireshark-090818.nasl - Type : ACT_GATHER_INFO |
2009-09-02 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_wireshark-090818.nasl - Type : ACT_GATHER_INFO |
2009-08-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-194.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote host has an application that is affected by multiple vulnerabilities. File : wireshark_1_2_1.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:36:43 |
|