10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.025 Low
EPSS
Percentile
89.0%
Wireshark is a program for monitoring network traffic. Wireshark was
previously known as Ethereal.
Multiple buffer overflow flaws were found in Wireshark. If Wireshark read
a malformed packet off a network, it could crash or, possibly, execute
arbitrary code as the user running Wireshark. (CVE-2008-3146)
Several denial of service flaws were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off a network, or
opened a malformed dump file. (CVE-2008-1070, CVE-2008-1071, CVE-2008-1072,
CVE-2008-1561, CVE-2008-1562, CVE-2008-1563, CVE-2008-3137, CVE-2008-3138,
CVE-2008-3141, CVE-2008-3145, CVE-2008-3932, CVE-2008-3933, CVE-2008-3934)
Additionally, this update changes the default Pluggable Authentication
Modules (PAM) configuration to always prompt for the root password before
each start of Wireshark. This avoids unintentionally running Wireshark with
root privileges.
Users of wireshark should upgrade to these updated packages, which contain
Wireshark version 1.0.3, and resolve these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 4 | ppc | wireshark | < 1.0.3-3.el4_7 | wireshark-1.0.3-3.el4_7.ppc.rpm |
RedHat | 5 | ppc | wireshark | < 1.0.3-4.el5_2 | wireshark-1.0.3-4.el5_2.ppc.rpm |
RedHat | 5 | ppc | wireshark-gnome | < 1.0.3-4.el5_2 | wireshark-gnome-1.0.3-4.el5_2.ppc.rpm |
RedHat | 4 | i386 | wireshark | < 1.0.3-3.el4_7 | wireshark-1.0.3-3.el4_7.i386.rpm |
RedHat | 5 | x86_64 | wireshark-gnome | < 1.0.3-4.el5_2 | wireshark-gnome-1.0.3-4.el5_2.x86_64.rpm |
RedHat | 5 | ia64 | wireshark | < 1.0.3-4.el5_2 | wireshark-1.0.3-4.el5_2.ia64.rpm |
RedHat | 4 | s390x | wireshark | < 1.0.3-3.el4_7 | wireshark-1.0.3-3.el4_7.s390x.rpm |
RedHat | 5 | s390x | wireshark | < 1.0.3-4.el5_2 | wireshark-1.0.3-4.el5_2.s390x.rpm |
RedHat | 5 | i386 | wireshark | < 1.0.3-4.el5_2 | wireshark-1.0.3-4.el5_2.i386.rpm |
RedHat | 5 | i386 | wireshark-gnome | < 1.0.3-4.el5_2 | wireshark-gnome-1.0.3-4.el5_2.i386.rpm |