Lucene search

[email protected]NVD:CVE-2009-4377

HistoryDec 21, 2009 - 9:30 p.m.

CVE-2009-4377

2009-12-2121:30:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.2

Confidence

Low

EPSS

0.008

Percentile

81.6%

JSON

The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap.

Affected configurations

Nvd

Node

wiresharkwiresharkMatch0.9.2

wiresharkwiresharkMatch0.9.5

wiresharkwiresharkMatch0.9.6

wiresharkwiresharkMatch0.9.7

wiresharkwiresharkMatch0.9.8

wiresharkwiresharkMatch0.9.10

wiresharkwiresharkMatch0.9.14

wiresharkwiresharkMatch0.99

wiresharkwiresharkMatch0.99.0

wiresharkwiresharkMatch0.99.1

wiresharkwiresharkMatch0.99.2

wiresharkwiresharkMatch0.99.3

wiresharkwiresharkMatch0.99.4

wiresharkwiresharkMatch0.99.5

wiresharkwiresharkMatch0.99.6

wiresharkwiresharkMatch0.99.6a

wiresharkwiresharkMatch0.99.7

wiresharkwiresharkMatch0.99.8

wiresharkwiresharkMatch0.99.9

wiresharkwiresharkMatch1.0

wiresharkwiresharkMatch1.0.0

wiresharkwiresharkMatch1.0.1

wiresharkwiresharkMatch1.0.2

wiresharkwiresharkMatch1.0.3

wiresharkwiresharkMatch1.0.4

wiresharkwiresharkMatch1.0.5

wiresharkwiresharkMatch1.0.6

wiresharkwiresharkMatch1.0.7

wiresharkwiresharkMatch1.0.8

wiresharkwiresharkMatch1.0.9

wiresharkwiresharkMatch1.2

wiresharkwiresharkMatch1.2.0

wiresharkwiresharkMatch1.2.1

wiresharkwiresharkMatch1.2.2

wiresharkwiresharkMatch1.2.3

wiresharkwiresharkMatch1.2.4

References

osvdb.org/61178

secunia.com/advisories/37842

secunia.com/advisories/37916

www.debian.org/security/2009/dsa-1983

www.mandriva.com/security/advisories?name=MDVSA-2010:031

www.securityfocus.com/bid/37407

www.securitytracker.com/id?1023374

www.vupen.com/english/advisories/2009/3596

www.wireshark.org/security/wnpa-sec-2009-09.html

bugs.wireshark.org/bugzilla/show_bug.cgi?id=4301

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9564

www.redhat.com/archives/fedora-package-announce/2009-December/msg01248.html

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.2

Confidence

Low

EPSS

0.008

Percentile

81.6%

JSON

Related for NVD:CVE-2009-4377

debiancve1 ubuntucve1 openvas19 cvelist1 veracode1 cve1 prion1 fedora1 securityvulns2 nessus15 osv1 seebug1 gentoo1 redhat1 centos1 oraclelinux1