Denial of Service : Wireshark Multiple Unspecified Vulnerabilities (Apr 2009)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.800396

Categoría: Denial of Service

Título: Wireshark Multiple Unspecified Vulnerabilities (Apr 2009) - Windows

Resumen: Wireshark is prone to multiple unspecified vulnerabilities.

Descripción: Summary:
Wireshark is prone to multiple unspecified vulnerabilities.

Vulnerability Insight:
- Error exists while processing PN-DCP packet with format string specifiers
in PROFINET/DCP (PN-DCP) dissector.

- Error in unknown impact and attack vectors.

- Error in Lightweight Directory Access Protocol (LDAP) dissector when
processing unknown attack vectors.

- Error in Check Point High-Availability Protocol (CPHAP) when processing
crafted FWHA_MY_STATE packet.

- An error exists while processing malformed Tektronix .rf5 file.

Vulnerability Impact:
Successful exploitation could result in denial of service condition.

Affected Software/OS:
Wireshark version 0.9.6 to 1.0.6 on Windows

Solution:
Upgrade to Wireshark 1.0.7.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-1210
BugTraq ID: 34291
http://www.securityfocus.com/bid/34291
Bugtraq: 20090417 rPSA-2009-0062-1 tshark wireshark (Google Search)
http://www.securityfocus.com/archive/1/502745/100/0/threaded
Debian Security Information: DSA-1785 (Google Search)
http://www.debian.org/security/2009/dsa-1785
https://www.exploit-db.com/exploits/8308
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00675.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01167.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01213.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:088
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5976
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9526
http://www.redhat.com/support/errata/RHSA-2009-1100.html
http://secunia.com/advisories/34542
http://secunia.com/advisories/34778
http://secunia.com/advisories/34970
http://secunia.com/advisories/35133
http://secunia.com/advisories/35224
http://secunia.com/advisories/35416
http://secunia.com/advisories/35464
SuSE Security Announcement: SUSE-SR:2009:011 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
XForce ISS Database: wireshark-pndcp-format-string(49512)
https://exchange.xforce.ibmcloud.com/vulnerabilities/49512
Common Vulnerability Exposure (CVE) ID: CVE-2009-1266
XForce ISS Database: wireshark-unspecified(50334)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50334
Common Vulnerability Exposure (CVE) ID: CVE-2009-1267
BugTraq ID: 34457
http://www.securityfocus.com/bid/34457
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6099
http://www.securitytracker.com/id?1022027
XForce ISS Database: wireshark-ldap-home-dos(49814)
https://exchange.xforce.ibmcloud.com/vulnerabilities/49814
Common Vulnerability Exposure (CVE) ID: CVE-2009-1268
Debian Security Information: DSA-1942 (Google Search)
http://www.debian.org/security/2009/dsa-1942
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3269
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10876
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5335
http://secunia.com/advisories/37477
XForce ISS Database: wireshark-cphap-dos(49815)
https://exchange.xforce.ibmcloud.com/vulnerabilities/49815
Common Vulnerability Exposure (CVE) ID: CVE-2009-1269
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10642
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5748
XForce ISS Database: wireshark-rf5file-dos(49816)
https://exchange.xforce.ibmcloud.com/vulnerabilities/49816

Copyright Copyright (C) 2009 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.800396
Categoría:	Denial of Service
Título:	Wireshark Multiple Unspecified Vulnerabilities (Apr 2009) - Windows
Resumen:	Wireshark is prone to multiple unspecified vulnerabilities.
Descripción:	Summary: Wireshark is prone to multiple unspecified vulnerabilities. Vulnerability Insight: - Error exists while processing PN-DCP packet with format string specifiers in PROFINET/DCP (PN-DCP) dissector. - Error in unknown impact and attack vectors. - Error in Lightweight Directory Access Protocol (LDAP) dissector when processing unknown attack vectors. - Error in Check Point High-Availability Protocol (CPHAP) when processing crafted FWHA_MY_STATE packet. - An error exists while processing malformed Tektronix .rf5 file. Vulnerability Impact: Successful exploitation could result in denial of service condition. Affected Software/OS: Wireshark version 0.9.6 to 1.0.6 on Windows Solution: Upgrade to Wireshark 1.0.7. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1210 BugTraq ID: 34291 http://www.securityfocus.com/bid/34291 Bugtraq: 20090417 rPSA-2009-0062-1 tshark wireshark (Google Search) http://www.securityfocus.com/archive/1/502745/100/0/threaded Debian Security Information: DSA-1785 (Google Search) http://www.debian.org/security/2009/dsa-1785 https://www.exploit-db.com/exploits/8308 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00675.html https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01167.html https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01213.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:088 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5976 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9526 http://www.redhat.com/support/errata/RHSA-2009-1100.html http://secunia.com/advisories/34542 http://secunia.com/advisories/34778 http://secunia.com/advisories/34970 http://secunia.com/advisories/35133 http://secunia.com/advisories/35224 http://secunia.com/advisories/35416 http://secunia.com/advisories/35464 SuSE Security Announcement: SUSE-SR:2009:011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html XForce ISS Database: wireshark-pndcp-format-string(49512) https://exchange.xforce.ibmcloud.com/vulnerabilities/49512 Common Vulnerability Exposure (CVE) ID: CVE-2009-1266 XForce ISS Database: wireshark-unspecified(50334) https://exchange.xforce.ibmcloud.com/vulnerabilities/50334 Common Vulnerability Exposure (CVE) ID: CVE-2009-1267 BugTraq ID: 34457 http://www.securityfocus.com/bid/34457 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6099 http://www.securitytracker.com/id?1022027 XForce ISS Database: wireshark-ldap-home-dos(49814) https://exchange.xforce.ibmcloud.com/vulnerabilities/49814 Common Vulnerability Exposure (CVE) ID: CVE-2009-1268 Debian Security Information: DSA-1942 (Google Search) http://www.debian.org/security/2009/dsa-1942 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3269 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10876 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5335 http://secunia.com/advisories/37477 XForce ISS Database: wireshark-cphap-dos(49815) https://exchange.xforce.ibmcloud.com/vulnerabilities/49815 Common Vulnerability Exposure (CVE) ID: CVE-2009-1269 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10642 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5748 XForce ISS Database: wireshark-rf5file-dos(49816) https://exchange.xforce.ibmcloud.com/vulnerabilities/49816
Copyright	Copyright (C) 2009 Greenbone AG