CVE-2008-4684
Published Oct 22, 2008
Last updated 6 years ago
Overview
- Description
- packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post dissector.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-399
Social media
- Hype score
- Not currently trending
Vendor comments
- Red HatThis issue has been addressed in Wireshark packages as shipped in Red Hat Enterprise Linux 3, 4 and 5 via: https://rhn.redhat.com/errata/RHSA-2009-0313.html
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "31C43A78-E578-4B1C-8E33-24529E973E30"
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0D56DA6-3EB2-4074-8C43-A5FD93B1555B"
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D1074B30-F2E6-47CD-8491-29163811E07F"
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10FAAC5E-DD4E-49EF-A051-2F80BACC20D1"
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BB52B779-7A2D-43E0-9F12-C65053002EBC"
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:0.99.6a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6A85B028-7384-403A-817C-B5001F02A8A5"
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F2F7D104-7498-4C5F-AE75-6F04D5DA35B1"
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "801B1795-3DC4-4BE3-A693-37B6BD116B14"
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "17808311-AC2A-428A-BB8B-B08549C5DAEB"
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "978C483C-A6F7-456F-9488-833D520D4A1E"
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5BB94CE6-03D3-43C3-B765-AC36961CD83C"
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37FADA30-FD98-42F3-80F1-E8794C77AC76"
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8541E3F7-6DCF-4070-ACB0-C6B9C7BE32D2"
}
],
"operator": "OR"
}
]
}
]