Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2008:199 | First vendor Publication | 2008-09-19 |
Vendor | Mandriva | Last vendor Modification | 2008-09-19 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A number of vulnerabilities were discovered in Wireshark that could cause it to crash while processing malicious packets (CVE-2008-3146, CVE-2008-3932, CVE-2008-3933, CVE-2008-3934). This update provides Wireshark 1.0.3, which is not vulnerable to these issues. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2008:199 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
75 % | CWE-20 | Improper Input Validation |
25 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10624 | |||
Oval ID: | oval:org.mitre.oval:def:10624 | ||
Title: | Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used. | ||
Description: | Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3146 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11273 | |||
Oval ID: | oval:org.mitre.oval:def:11273 | ||
Title: | Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop. | ||
Description: | Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3932 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15087 | |||
Oval ID: | oval:org.mitre.oval:def:15087 | ||
Title: | Unspecified vulnerability in Wireshark 0.99.6 through 1.0.2 | ||
Description: | Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-3934 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21972 | |||
Oval ID: | oval:org.mitre.oval:def:21972 | ||
Title: | ELSA-2008:0890: wireshark security update (Moderate) | ||
Description: | Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0890-01 CVE-2008-1070 CVE-2008-1071 CVE-2008-1072 CVE-2008-1561 CVE-2008-1562 CVE-2008-1563 CVE-2008-3137 CVE-2008-3138 CVE-2008-3141 CVE-2008-3145 CVE-2008-3146 CVE-2008-3932 CVE-2008-3933 CVE-2008-3934 | Version: | 61 |
Platform(s): | Oracle Linux 5 | Product(s): | wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26105 | |||
Oval ID: | oval:org.mitre.oval:def:26105 | ||
Title: | Denial of service vulnerability in Wireshark via crafted zlib-compressed data | ||
Description: | Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-3933 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26171 | |||
Oval ID: | oval:org.mitre.oval:def:26171 | ||
Title: | Denial of service vulnerability in Wireshark via crafted NCP packet | ||
Description: | Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-3932 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26438 | |||
Oval ID: | oval:org.mitre.oval:def:26438 | ||
Title: | Multiple buffer overflows vulnerabilities in packet_ncp2222.inc in Wireshark via a crafted NCP packet | ||
Description: | Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-3146 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29012 | |||
Oval ID: | oval:org.mitre.oval:def:29012 | ||
Title: | RHSA-2008:0890 -- wireshark security update (Moderate) | ||
Description: | Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in Wireshark. If Wireshark read a malformed packet off a network, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2008-3146) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0890 CESA-2008:0890-CentOS 3 CESA-2008:0890-CentOS 5 CVE-2008-1070 CVE-2008-1071 CVE-2008-1072 CVE-2008-1561 CVE-2008-1562 CVE-2008-1563 CVE-2008-3137 CVE-2008-3138 CVE-2008-3141 CVE-2008-3145 CVE-2008-3146 CVE-2008-3932 CVE-2008-3933 CVE-2008-3934 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 3 CentOS Linux 5 | Product(s): | wireshark |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9620 | |||
Oval ID: | oval:org.mitre.oval:def:9620 | ||
Title: | Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function. | ||
Description: | Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3933 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9920 | |||
Oval ID: | oval:org.mitre.oval:def:9920 | ||
Title: | Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. | ||
Description: | Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3934 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-13 | Name : SLES10: Security update for ethereal File : nvt/sles10_ethereal0.nasl |
2009-10-13 | Name : SLES10: Security update for ethereal File : nvt/sles10_ethereal2.nasl |
2009-10-10 | Name : SLES9: Security update for ethereal File : nvt/sles9p5040200.nasl |
2009-10-10 | Name : SLES9: Security update for ethereal File : nvt/sles9p5033780.nasl |
2009-04-09 | Name : Mandriva Update for wireshark MDVSA-2008:199 (wireshark) File : nvt/gb_mandriva_MDVSA_2008_199.nasl |
2009-03-06 | Name : RedHat Update for wireshark RHSA-2008:0890-01 File : nvt/gb_RHSA-2008_0890-01_wireshark.nasl |
2009-02-27 | Name : CentOS Update for wireshark CESA-2008:0890 centos3 i386 File : nvt/gb_CESA-2008_0890_wireshark_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for wireshark CESA-2008:0890 centos3 x86_64 File : nvt/gb_CESA-2008_0890_wireshark_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for wireshark CESA-2008:0890 centos4 i386 File : nvt/gb_CESA-2008_0890_wireshark_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for wireshark CESA-2008:0890 centos4 x86_64 File : nvt/gb_CESA-2008_0890_wireshark_centos4_x86_64.nasl |
2009-02-17 | Name : Fedora Update for wireshark FEDORA-2008-7894 File : nvt/gb_fedora_2008_7894_wireshark_fc8.nasl |
2009-02-17 | Name : Fedora Update for wireshark FEDORA-2008-7936 File : nvt/gb_fedora_2008_7936_wireshark_fc9.nasl |
2009-01-20 | Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 10.3) File : nvt/suse_sr_2009_001b.nasl |
2009-01-20 | Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 11.0) File : nvt/suse_sr_2009_001a.nasl |
2009-01-20 | Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 11.1) File : nvt/suse_sr_2009_001.nasl |
2008-12-03 | Name : Debian Security Advisory DSA 1673-1 (wireshark) File : nvt/deb_1673_1.nasl |
2008-09-28 | Name : Gentoo Security Advisory GLSA 200809-17 (wireshark) File : nvt/glsa_200809_17.nasl |
2008-09-10 | Name : Wireshark Multiple Vulnerabilities - Sept-08 (Win) File : nvt/secpod_wireshark_mult_vuln_sept08_win_900212.nasl |
2008-09-10 | Name : Wireshark Multiple Vulnerabilities - Sept08 (Linux) File : nvt/secpod_wireshark_mult_vuln_sept08_lin_900213.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
47934 | Wireshark Tektronix .rf5 File Handling DoS Wireshark contains a flaw that may allow a local denial of service. The issue is triggered when a specially crafted .rf5 file is read, and will result in loss of availability for the application. |
47933 | Wireshark zlib-compressed Packet Data Uncompression DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when specially crafted zlib-compressed packets are uncompressed, and will result in loss of availability for the application. |
47932 | Wireshark NCP Dissector Unspecified Infinite Loop DoS |
47931 | Wireshark NCP Dissector Multiple Unspecified Overflows |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0890.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081001_wireshark_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_ethereal-5866.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12323.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12225.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_wireshark-081220.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_wireshark-080814.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-199.nasl - Type : ACT_GATHER_INFO |
2008-12-26 | Name : The remote openSUSE host is missing a security update. File : suse_wireshark-5886.nasl - Type : ACT_GATHER_INFO |
2008-12-01 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1673.nasl - Type : ACT_GATHER_INFO |
2008-12-01 | Name : The remote openSUSE host is missing a security update. File : suse_wireshark-5783.nasl - Type : ACT_GATHER_INFO |
2008-10-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0890.nasl - Type : ACT_GATHER_INFO |
2008-10-02 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0890.nasl - Type : ACT_GATHER_INFO |
2008-09-26 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200809-17.nasl - Type : ACT_GATHER_INFO |
2008-09-12 | Name : The remote Fedora host is missing a security update. File : fedora_2008-7936.nasl - Type : ACT_GATHER_INFO |
2008-09-12 | Name : The remote Fedora host is missing a security update. File : fedora_2008-7894.nasl - Type : ACT_GATHER_INFO |
2008-08-26 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_ethereal-5520.nasl - Type : ACT_GATHER_INFO |
2008-08-26 | Name : The remote openSUSE host is missing a security update. File : suse_wireshark-5515.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:39:42 |
|