Detections
Analytics

Wireshark / Ethereal 0.99.6 to 1.0.5 Multiple Denial of Service Vulnerabilities

low Nessus Plugin ID 35629

Synopsis

The remote host has an application that is susceptible to multiple denial of service attacks.

Description

The installed version of Wireshark or Ethereal is affected by multiple denial of service issues :

 - Wireshark could crash while reading a malformed NetScreen snoop file. (Bug 3151)

 - Wireshark could crash while reading a Tektronix K12 text capture file. (Bug 1937)

Solution

Upgrade to Wireshark 1.0.6 or later.

See Also

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3151

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1937

http://www.wireshark.org/security/wnpa-sec-2009-01.html

https://www.wireshark.org/news/20090206.html

Plugin Details

Severity: Low

ID: 35629

File Name: wireshark_1_0_6.nasl

Version: 1.15

Type: local

Agent: windows

Family: Windows

Published: 2/10/2009

Updated: 3/9/2023

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Low

Base Score: 2.6

Temporal Score: 1.9

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:wireshark:wireshark

Required KB Items: SMB/Wireshark/Installed

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2009-0599, CVE-2009-0600

BID: 33690

CWE: 119, 20

Secunia: 33872