GoogleOSV:DSA-1673-1wireshark - several vulnerabilities
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.008 Low
EPSS
Percentile
79.2%
Several remote vulnerabilities have been discovered in network traffic
analyzer Wireshark. The Common Vulnerabilities and Exposures project
identifies the following problems:
- CVE-2008-3137
The GSM SMS dissector is vulnerable to denial of service. - CVE-2008-3138
The PANA and KISMET dissectors are vulnerable to denial of service. - CVE-2008-3141
The RMI dissector could disclose system memory. - CVE-2008-3145
The packet reassembling module is vulnerable to denial of service. - CVE-2008-3933
The zlib uncompression module is vulnerable to denial of service. - CVE-2008-4683
The Bluetooth ACL dissector is vulnerable to denial of service. - CVE-2008-4684
The PRP and MATE dissectors are vulnerable to denial of service. - CVE-2008-4685
The Q931 dissector is vulnerable to denial of service.
For the stable distribution (etch), these problems have been fixed in
version 0.99.4-5.etch.3.
For the upcoming stable distribution (lenny), these problems have been
fixed in version 1.0.2-3+lenny2.
For the unstable distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your wireshark packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wireshark | eq | 0.99.4-5 | |
| wireshark | eq | 0.99.4-5.etch.0 | |
| wireshark | eq | 0.99.4-5.etch.1 | |
| wireshark | eq | 0.99.4-5.etch.2 |
References
Related
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.008 Low
EPSS
Percentile
79.2%