4.3

CVE-2009-4377

Exploit
The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
WiresharkWireshark Version0.9.2
WiresharkWireshark Version0.9.5
WiresharkWireshark Version0.9.6
WiresharkWireshark Version0.9.7
WiresharkWireshark Version0.9.8
WiresharkWireshark Version0.9.10
WiresharkWireshark Version0.9.14
WiresharkWireshark Version0.99
WiresharkWireshark Version0.99.0
WiresharkWireshark Version0.99.1
WiresharkWireshark Version0.99.2
WiresharkWireshark Version0.99.3
WiresharkWireshark Version0.99.4
WiresharkWireshark Version0.99.5
WiresharkWireshark Version0.99.6
WiresharkWireshark Version0.99.6a
WiresharkWireshark Version0.99.7
WiresharkWireshark Version0.99.8
WiresharkWireshark Version0.99.9
WiresharkWireshark Version1.0
WiresharkWireshark Version1.0.0
WiresharkWireshark Version1.0.1
WiresharkWireshark Version1.0.2
WiresharkWireshark Version1.0.3
WiresharkWireshark Version1.0.4
WiresharkWireshark Version1.0.5
WiresharkWireshark Version1.0.6
WiresharkWireshark Version1.0.7
WiresharkWireshark Version1.0.8
WiresharkWireshark Version1.0.9
WiresharkWireshark Version1.2
WiresharkWireshark Version1.2.0
WiresharkWireshark Version1.2.1
WiresharkWireshark Version1.2.2
WiresharkWireshark Version1.2.3
WiresharkWireshark Version1.2.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.66% 0.838
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.mandriva.com/security/advisories?name=MDVSA-2010:031
http://secunia.com/advisories/37842
Vendor Advisory
http://secunia.com/advisories/37916
http://www.securityfocus.com/bid/37407
Exploit
http://www.securitytracker.com/id?1023374
http://www.vupen.com/english/advisories/2009/3596
Vendor Advisory
http://www.wireshark.org/security/wnpa-sec-2009-09.html
Vendor Advisory
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01248.html
http://osvdb.org/61178
http://www.debian.org/security/2009/dsa-1983
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4301
Exploit
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9564