CVE-2009-0601
Published Feb 16, 2009
Last updated 6 months ago
Overview
- Description
- Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-134
Evaluator
- Comment
- -
- Impact
- Per http://www.vupen.com/english/advisories/2009/0370: "Multiple vulnerabilities have been identified in Wireshark, which could be exploited by local or remote attackers to cause a denial of service or compromise a vulnerable system."
- Solution
- Per http://www.vupen.com/english/advisories/2009/0370: "Multiple vulnerabilities have been identified in Wireshark, which could be exploited by local or remote attackers to cause a denial of service or compromise a vulnerable system."
Vendor comments
- Red HatRed Hat does not consider this to be a security issue. For further details, see: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-0601#c3
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "801B1795-3DC4-4BE3-A693-37B6BD116B14"
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "978C483C-A6F7-456F-9488-833D520D4A1E"
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5BB94CE6-03D3-43C3-B765-AC36961CD83C"
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37FADA30-FD98-42F3-80F1-E8794C77AC76"
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8541E3F7-6DCF-4070-ACB0-C6B9C7BE32D2"
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "90E01A6A-D948-4701-9C4E-F8C3FCC52F2C"
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FCDCD888-3F3D-4ABC-B6D8-4A9E2C40265C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B55E4B92-88E0-41F0-AFA7-046A8D34A2CA"
},
{
"criteria": "cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "469B74F2-4B89-42B8-8638-731E92D463B9"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]