CVE-2008-1070

Published Feb 28, 2008

Last updated 6 years ago

Overview

Description: The SCTP dissector in Wireshark (formerly Ethereal) 0.99.5 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Vendor comments

Red HatThe affected version of Wireshark as shipped in Red Hat Enterprise Linux 3, 4, and 5 were fixed via: https://rhn.redhat.com/errata/RHSA-2008-0890.html

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:wireshark:wireshark:0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8ED0A8C-174C-4889-9B00-51B1E720B575"
          },
          {
            "criteria": "cpe:2.3:a:wireshark:wireshark:0.7.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9053B950-143E-4941-9C58-A57D9F1FF78D"
          },
          {
            "criteria": "cpe:2.3:a:wireshark:wireshark:0.8.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8FD279A0-5BA7-4D86-B975-2E76B4B2D85B"
          },
          {
            "criteria": "cpe:2.3:a:wireshark:wireshark:0.9.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41535173-00D3-4E52-9441-D7ED44BE9B05"
          },
          {
            "criteria": "cpe:2.3:a:wireshark:wireshark:0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "589FBD3D-FFE4-4BB3-B5F9-7FF949212AE4"
          },
          {
            "criteria": "cpe:2.3:a:wireshark:wireshark:0.10.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD4F19A6-98D5-4B6A-8AF0-D88561D50296"
          },
          {
            "criteria": "cpe:2.3:a:wireshark:wireshark:0.10.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6D5E65C-08BF-480D-A7BE-1876E9AC93E0"
          },
          {
            "criteria": "cpe:2.3:a:wireshark:wireshark:0.99:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "503E7F73-0E2A-442C-9B76-679A2AD03052"
          },
          {
            "criteria": "cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E3C422E5-3252-48C2-B4FF-E32AA5463D97"
          },
          {
            "criteria": "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31C43A78-E578-4B1C-8E33-24529E973E30"
          },
          {
            "criteria": "cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0D56DA6-3EB2-4074-8C43-A5FD93B1555B"
          },
          {
            "criteria": "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D1074B30-F2E6-47CD-8491-29163811E07F"
          },
          {
            "criteria": "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10FAAC5E-DD4E-49EF-A051-2F80BACC20D1"
          },
          {
            "criteria": "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB52B779-7A2D-43E0-9F12-C65053002EBC"
          },
          {
            "criteria": "cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2F7D104-7498-4C5F-AE75-6F04D5DA35B1"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Vendor comments

Configurations

References