5

CVE-2007-6121

Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ethereal GroupEthereal Version0.8.16
Ethereal GroupEthereal Version0.8.17
Ethereal GroupEthereal Version0.8.17a
Ethereal GroupEthereal Version0.8.18
Ethereal GroupEthereal Version0.8.19
Ethereal GroupEthereal Version0.8.20
Ethereal GroupEthereal Version0.9
Ethereal GroupEthereal Version0.9.0
Ethereal GroupEthereal Version0.9.1
Ethereal GroupEthereal Version0.9.2
Ethereal GroupEthereal Version0.9.3
Ethereal GroupEthereal Version0.9.4
Ethereal GroupEthereal Version0.9.5
Ethereal GroupEthereal Version0.9.6
Ethereal GroupEthereal Version0.9.7
Ethereal GroupEthereal Version0.9.8
Ethereal GroupEthereal Version0.9.9
Ethereal GroupEthereal Version0.9.10
Ethereal GroupEthereal Version0.9.11
Ethereal GroupEthereal Version0.9.12
Ethereal GroupEthereal Version0.9.13
Ethereal GroupEthereal Version0.9.14
Ethereal GroupEthereal Version0.9.15
Ethereal GroupEthereal Version0.9.16
Ethereal GroupEthereal Version0.10
Ethereal GroupEthereal Version0.10.0
Ethereal GroupEthereal Version0.10.0a
Ethereal GroupEthereal Version0.10.1
Ethereal GroupEthereal Version0.10.2
Ethereal GroupEthereal Version0.10.3
Ethereal GroupEthereal Version0.10.4
Ethereal GroupEthereal Version0.10.5
Ethereal GroupEthereal Version0.10.6
Ethereal GroupEthereal Version0.10.7
Ethereal GroupEthereal Version0.10.8
Ethereal GroupEthereal Version0.10.9
Ethereal GroupEthereal Version0.10.10
Ethereal GroupEthereal Version0.10.11
Ethereal GroupEthereal Version0.10.12
Ethereal GroupEthereal Version0.10.13
Ethereal GroupEthereal Version0.10.14
Ethereal GroupEthereal Version0.99.0
WiresharkWireshark Version0.8.16
WiresharkWireshark Version0.9.8
WiresharkWireshark Version0.9.10
WiresharkWireshark Version0.99
WiresharkWireshark Version0.99.0
WiresharkWireshark Version0.99.1
WiresharkWireshark Version0.99.2
WiresharkWireshark Version0.99.3
WiresharkWireshark Version0.99.4
WiresharkWireshark Version0.99.5
WiresharkWireshark Version0.99.6
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.02% 0.784
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/28583
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-0059.html
http://bugs.gentoo.org/show_bug.cgi?id=199958
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html
http://secunia.com/advisories/27777
Vendor Advisory
http://secunia.com/advisories/28197
Vendor Advisory
http://secunia.com/advisories/28207
Vendor Advisory
http://secunia.com/advisories/28288
Vendor Advisory
http://secunia.com/advisories/28304
http://secunia.com/advisories/28325
Vendor Advisory
http://secunia.com/advisories/28564
Vendor Advisory
http://secunia.com/advisories/29048
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200712-23.xml
http://securitytracker.com/id?1018988
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004
http://www.mandriva.com/security/advisories?name=MDVSA-2008:001
http://www.mandriva.com/security/advisories?name=MDVSA-2008:1
http://www.redhat.com/support/errata/RHSA-2008-0058.html
http://www.securityfocus.com/archive/1/485792/100/0/threaded
http://www.securityfocus.com/bid/26532
Patch
http://www.vupen.com/english/advisories/2007/3956
http://www.wireshark.org/security/wnpa-sec-2007-03.html
Patch
https://issues.rpath.com/browse/RPL-1975
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00606.html
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00712.html
http://secunia.com/advisories/27817
Vendor Advisory
http://www.debian.org/security/2007/dsa-1414
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11374