Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:15948
HistoryFeb 01, 2007 - 12:00 a.m.

Wireshark: wnpa-sec-2007-01

2007-02-0100:00:00
vulners.com
9
JSON

Summary
Name: Multiple problems in Wireshark (formerly Ethereal®) versions 0.10.14 to 0.99.4

Docid: wnpa-sec-2007-01

Date: February 1, 2007

Versions affected: 0.10.14 up to and including 0.99.4
Details
Description
Wireshark 0.99.5 fixes the following vulnerabilities:

* The TCP dissector could hang or crash while reassembling HTTP packets. (Bug 1200)
  Versions affected: 0.99.2 to 0.99.4
  CVE-2007-0459
* The HTTP dissector could crash.
  Versions affected: 0.99.3 to 0.99.4
  CVE-2007-0458
* On some systems, the IEEE 802.11 dissector could crash.
  Versions affected: 0.10.14 to 0.99.4
  CVE-2007-0457
* On some systems, the LLT dissector could crash.
  Versions affected: 0.99.3 to 0.99.4
  CVE-2007-0456

Impact
It may be possible to make Wireshark or Ethereal crash or use up available memory by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
Resolution
Upgrade to Wireshark 0.99.5.

If are running Wireshark 0.99.4 or Ethereal 0.99.0 or earlier and cannot upgrade, you can work around each of the problems listed above by doing the following:

* Disable the HTTP, IEEE 802.11, and LLT dissectors.
      o Select Analyze→Enabled Protocols... from the menu.
      o Make sure "HTTP", "IEEE 802.11", and "LLT" are un-checked.
      o Click "Save", then click "OK".

Related

altlinux 1
oraclelinux 1
centos 2
seebug 1
nessus 7
securityvulns 1
openvas 5
redhat 1
fedora 2
debiancve 4
prion 4
cve 4
veracode 4
ubuntucve 4
altlinux
altlinux
Security fix for the ALT Linux 9 package wireshark version 0.99.5-alt1
2007-02-04 00:00:00
oraclelinux
oraclelinux
Low: wireshark security update
2007-03-14 00:00:00
centos
centos
wireshark security update
2007-03-14 22:22:11
wireshark security update
2007-03-16 00:58:03
seebug
seebug
Wireshark多个协议拒绝服务漏洞
2007-02-09 00:00:00
nessus
nessus
CentOS 3 / 4 : wireshark (CESA-2007:0066)
2007-03-16 00:00:00
openSUSE 10 Security Update : wireshark (wireshark-2638)
2007-10-17 00:00:00
Oracle Linux 3 / 4 / 5 : wireshark (ELSA-2007-0066)
2013-07-12 00:00:00
securityvulns
securityvulns
Multiple Wireshark sniffer security vulnerabilities
2007-02-01 00:00:00
openvas
openvas
Mandriva Update for wireshark MDKSA-2007:033 (wireshark)
2009-04-09 00:00:00
Oracle Linux Local Check: ELSA-2007-0066
2015-10-08 00:00:00
Mandriva Update for wireshark MDKSA-2007:033 (wireshark)
2009-04-09 00:00:00
redhat
redhat
(RHSA-2007:0066) Low: wireshark security update
2007-03-14 00:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: wireshark-0.99.5-1.fc6
2007-02-08 22:06:21
[SECURITY] Fedora Core 5 Update: wireshark-0.99.5-1.fc5
2007-02-06 17:14:14
debiancve
debiancve
CVE-2007-0456
2007-02-02 20:28:00
CVE-2007-0457
2007-02-02 20:28:00
CVE-2007-0459
2007-02-02 20:28:00
prion
prion
Code injection
2007-02-02 20:28:00
Code injection
2007-02-02 20:28:00
Code injection
2007-02-02 20:28:00
cve
cve
CVE-2007-0457
2007-02-02 20:28:00
CVE-2007-0456
2007-02-02 20:28:00
CVE-2007-0459
2007-02-02 20:28:00
veracode
veracode
Denial Of Service(DoS)
2020-04-10 00:16:08
Denial Of Service (DoS)
2020-04-10 00:16:08
Denial Of Service(DoS)
2020-04-10 00:16:08
ubuntucve
ubuntucve
CVE-2007-0456
2007-02-02 00:00:00
CVE-2007-0457
2007-02-02 00:00:00
CVE-2007-0459
2007-02-02 00:00:00
JSON
Related for SECURITYVULNS:DOC:15948
altlinux1oraclelinux1centos2seebug1nessus7securityvulns1openvas5redhat1fedora2debiancve4prion4cve4veracode4ubuntucve4