Computer Security
[EN] securityvulns.ru no-pyccku


Wireshark multiple security vulnerabilities
Published:07.08.2008
Source:
SecurityVulns ID:9202
Type:remote
Threat Level:
6/10
Description:Multiple vulnerabilities in protocol dissectors, causing application to crash.
CVE:CVE-2008-3140 (The syslog dissector in Wireshark (formerly Ethereal) 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors, possibly related to an "incomplete SS7 MSU syslog encapsulated packet.")
 CVE-2008-3139 (The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.)
 CVE-2008-3138 (The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors.)
 CVE-2008-3137 (The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors.)
Original documentdocumentGENTOO, [ GLSA 200808-04 ] Wireshark: Denial of Service (07.08.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod