4.3

CVE-2008-4684

packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post dissector.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
WiresharkWireshark Version0.99.2
WiresharkWireshark Version0.99.3
WiresharkWireshark Version0.99.4
WiresharkWireshark Version0.99.5
WiresharkWireshark Version0.99.6
WiresharkWireshark Version0.99.6a
WiresharkWireshark Version0.99.7
WiresharkWireshark Version0.99.8
WiresharkWireshark Version1.0
WiresharkWireshark Version1.0.0
WiresharkWireshark Version1.0.1
WiresharkWireshark Version1.0.2
WiresharkWireshark Version1.0.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.71% 0.743
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/32944
http://www.debian.org/security/2008/dsa-1673
http://secunia.com/advisories/32355
Vendor Advisory
http://secunia.com/advisories/34144
http://securitytracker.com/id?1021069
http://support.avaya.com/elmodocs2/security/ASA-2009-082.htm
http://wiki.rpath.com/Advisories:rPSA-2008-0336
http://www.mandriva.com/security/advisories?name=MDVSA-2008:215
http://www.redhat.com/support/errata/RHSA-2009-0313.html
http://www.securityfocus.com/archive/1/499154/100/0/threaded
http://www.securityfocus.com/bid/31838
Patch
http://www.vupen.com/english/advisories/2008/2872
http://www.wireshark.org/security/wnpa-sec-2008-06.html
Vendor Advisory
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2549
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10223
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14767