| Description: | Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.
Vulnerability Insight:
The following packages are affected:
wireshark
wireshark-lite
ethereal
ethereal-lite
tethereal
tethereal-lite
CVE-2007-6438
Unspecified vulnerability in the SMB dissector in Wireshark (formerly
Ethereal) 0.99.6 allows remote attackers to cause a denial of service
via unknown vectors. NOTE: this identifier originally included MP3
and NCP, but those issues are already covered by CVE-2007-6111.
CVE-2007-6439
Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause
a denial of service (infinite or large loop) via the (1) IPv6 or (2)
USB dissector, which can trigger resource consumption or a crash.
NOTE: this identifier originally included Firebird/Interbase, but it
is already covered by CVE-2007-6116. The DCP ETSI issue is already
covered by CVE-2007-6119.
CVE-2007-6441
The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows
remote attackers to cause a denial of service (crash) via unknown
vectors related to 'unaligned access on some platforms.'
CVE-2007-6450
The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6
allows remote attackers to cause a denial of service (infinite loop)
via unknown vectors.
CVE-2007-6451
Unspecified vulnerability in the CIP dissector in Wireshark (formerly
Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial
of service (crash) via unknown vectors that trigger allocation of
large amounts of memory.
Solution:
Update your system with the appropriate patches or
software upgrades.
CVSS Score:
10.0
CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
