Wireshark Multiple Protocol Denial of Service Vulnerabilities
BID:22352
Info
Wireshark Multiple Protocol Denial of Service Vulnerabilities
| Bugtraq ID: | 22352 |
| Class: | Unknown |
| CVE: |
CVE-2007-0459 CVE-2007-0458 CVE-2007-0457 CVE-2007-0456 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 01 2007 12:00AM |
| Updated: | May 17 2007 08:48PM |
| Credit: | The vendor reported these issues. |
| Vulnerable: |
Wireshark Wireshark 0.99.4 Wireshark Wireshark 0.99.3 Wireshark Wireshark 0.99.2 Wireshark Wireshark 0.99.1 Wireshark Wireshark 0.99 Wireshark Wireshark 0.10.13 Wireshark Wireshark 0.10.4 Wireshark Wireshark 0.10 Wireshark Wireshark 0.9.10 Wireshark Wireshark 0.8.16 Wireshark Wireshark 0.7.9 SGI ProPack 3.0 SP6 rPath rPath Linux 1 Redhat Fedora Core5 Redhat Enterprise Linux WS 4 Redhat Enterprise Linux WS 3 Redhat Enterprise Linux WS 2.1 IA64 Redhat Enterprise Linux WS 2.1 Redhat Enterprise Linux ES 4 Redhat Enterprise Linux ES 3 Redhat Enterprise Linux ES 2.1 IA64 Redhat Enterprise Linux ES 2.1 Redhat Enterprise Linux Desktop Workstation 5 client Redhat Enterprise Linux Desktop 5 client Redhat Enterprise Linux AS 4 Redhat Enterprise Linux AS 3 Redhat Enterprise Linux AS 2.1 IA64 Redhat Enterprise Linux AS 2.1 Redhat Desktop 4.0 Redhat Desktop 3.0 Redhat Advanced Workstation for the Itanium Processor 2.1 IA64 Redhat Advanced Workstation for the Itanium Processor 2.1 Pardus Linux 2007.1 Mandriva Linux Mandrake 2007.0 x86_64 Mandriva Linux Mandrake 2007.0 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 4.0 Avaya EMMC 0 Avaya Communication Manager 2.0 Avaya Communication Manager 4.0 Avaya Communication Manager 3.0 Avaya CCS 3.0 Avaya CCS 2.0 Avaya Aura SIP Enablement Services 3.1.1 Avaya Aura SIP Enablement Services 3.1 Avaya Aura SIP Enablement Services 3.0 |
| Not Vulnerable: |
Wireshark Wireshark 0.99.5 |
Discussion
Wireshark Multiple Protocol Denial of Service Vulnerabilities
Wireshark is prone to multiple denial-of-service vulnerabilities.
Exploiting these issues may permit attackers to cause crashes and deny service to legitimate users of the application.
Wireshark versions prior to 0.99.5 are affected.
Wireshark is prone to multiple denial-of-service vulnerabilities.
Exploiting these issues may permit attackers to cause crashes and deny service to legitimate users of the application.
Wireshark versions prior to 0.99.5 are affected.
Exploit / POC
Wireshark Multiple Protocol Denial of Service Vulnerabilities
Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Some of these issues may not require an exploit.
Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Some of these issues may not require an exploit.
Solution / Fix
Wireshark Multiple Protocol Denial of Service Vulnerabilities
Solution:
The vendor has released updates to address these issues. Please see the referenced advisories for more information.
Solution:
The vendor has released updates to address these issues. Please see the referenced advisories for more information.
References
Wireshark Multiple Protocol Denial of Service Vulnerabilities
References:
References:
- Wireshark Homepage (Wireshark)
- wnpa-sec-2007-01 (Wireshark)
- ASA-2007-166 - wireshark security update (RHSA-2007-0066) (Avaya)
- RHSA-2007:0066-5 wireshark security update (Red Hat)