Test ID:	1.3.6.1.4.1.25623.1.0.800247
Category:	Denial of Service
Title:	Wireshark Multiple Vulnerabilities (Feb 2009) - Windows
Summary:	Wireshark is prone to multiple vulnerabilities.
Description:	Summary: Wireshark is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - a boundary error in the processing of NetScreen Snoop capture files. - format string vulnerability in wireshark through format string specifiers in the HOME environment variable. - improper handling of Tektronix K12 text capture files as demonstrated by a file with exactly one frame. Vulnerability Impact: Successful exploitation will let the attacker cause denial of service to the application by crafting malicious packets. Affected Software/OS: Wireshark for Windows version 1.0.5 and prior. Solution: Upgrade to the latest version 1.0.6. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0599 BugTraq ID: 33690 http://www.securityfocus.com/bid/33690 Bugtraq: 20090312 rPSA-2009-0040-1 tshark wireshark (Google Search) http://www.securityfocus.com/archive/1/501763/100/0/threaded https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00652.html http://osvdb.org/51815 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14732 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9677 http://www.redhat.com/support/errata/RHSA-2009-0313.html http://www.securitytracker.com/id?1021697 http://secunia.com/advisories/33872 http://secunia.com/advisories/34144 http://secunia.com/advisories/34264 http://secunia.com/advisories/34344 SuSE Security Announcement: SUSE-SR:2009:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html http://www.vupen.com/english/advisories/2009/0370 Common Vulnerability Exposure (CVE) ID: CVE-2009-0600 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10853 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15041 Common Vulnerability Exposure (CVE) ID: CVE-2009-0601
Copyright	Copyright (C) 2009 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.