7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.022 Low
EPSS
Percentile
89.4%
CentOS Errata and Security Advisory CESA-2006:0726
Wireshark is a program for monitoring network traffic.
Several flaws were found in Wireshark’s HTTP, WBXML, LDAP, and XOT protocol
dissectors. Wireshark could crash or stop responding if it read a malformed
packet off the network. (CVE-2006-4805, CVE-2006-5468, CVE-2006-5469,
CVE-2006-5740)
A single NULL byte heap based buffer overflow was found in Wireshark’s MIME
Multipart dissector. Wireshark could crash or possibly execute arbitrary
arbitrary code as the user running Wireshark. (CVE-2006-4574)
Users of Wireshark should upgrade to these updated packages containing
Wireshark version 0.99.4, which is not vulnerable to these issues.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2006-November/075539.html
https://lists.centos.org/pipermail/centos-announce/2006-November/075553.html
https://lists.centos.org/pipermail/centos-announce/2006-November/075554.html
https://lists.centos.org/pipermail/centos-announce/2006-November/075555.html
https://lists.centos.org/pipermail/centos-announce/2006-November/075557.html
https://lists.centos.org/pipermail/centos-announce/2006-November/075558.html
https://lists.centos.org/pipermail/centos-announce/2006-November/075560.html
Affected packages:
wireshark
wireshark-gnome
Upstream details at:
https://access.redhat.com/errata/RHSA-2006:0726
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 3 | ia64 | wireshark | < 0.99.4-EL3.1 | wireshark-0.99.4-EL3.1.ia64.rpm |
CentOS | 3 | ia64 | wireshark-gnome | < 0.99.4-EL3.1 | wireshark-gnome-0.99.4-EL3.1.ia64.rpm |
CentOS | 4 | ia64 | wireshark | < 0.99.4-EL4.1 | wireshark-0.99.4-EL4.1.ia64.rpm |
CentOS | 4 | ia64 | wireshark-gnome | < 0.99.4-EL4.1 | wireshark-gnome-0.99.4-EL4.1.ia64.rpm |
CentOS | 3 | i386 | wireshark | < 0.99.4-EL3.1 | wireshark-0.99.4-EL3.1.i386.rpm |
CentOS | 3 | i386 | wireshark-gnome | < 0.99.4-EL3.1 | wireshark-gnome-0.99.4-EL3.1.i386.rpm |
CentOS | 3 | x86_64 | wireshark | < 0.99.4-EL3.1 | wireshark-0.99.4-EL3.1.x86_64.rpm |
CentOS | 3 | x86_64 | wireshark-gnome | < 0.99.4-EL3.1 | wireshark-gnome-0.99.4-EL3.1.x86_64.rpm |
CentOS | 4 | x86_64 | wireshark | < 0.99.4-EL4.1 | wireshark-0.99.4-EL4.1.x86_64.rpm |
CentOS | 4 | x86_64 | wireshark-gnome | < 0.99.4-EL4.1 | wireshark-gnome-0.99.4-EL4.1.x86_64.rpm |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.022 Low
EPSS
Percentile
89.4%