CVE-2008-1562

EPSS 42.19%
Veröffentlicht 31.03.2008 22:44:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The LDAP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet, a different vulnerability than CVE-2006-5740.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 27

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Wireshark ≫ Wireshark Version0.99.2

Wireshark ≫ Wireshark Version0.99.3

Wireshark ≫ Wireshark Version0.99.4

Wireshark ≫ Wireshark Version0.99.5

Wireshark ≫ Wireshark Version0.99.6

Wireshark ≫ Wireshark Version0.99.7

Wireshark ≫ Wireshark Version0.99.8

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	42.19%	0.973

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html

http://secunia.com/advisories/29622

http://secunia.com/advisories/29736

http://secunia.com/advisories/32091

http://support.avaya.com/elmodocs2/security/ASA-2008-392.htm

http://www.redhat.com/support/errata/RHSA-2008-0890.html

http://www.vupen.com/english/advisories/2008/2773

https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00140.html

https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00228.html

http://secunia.com/advisories/29569

Vendor Advisory

http://secunia.com/advisories/29695