|
|
| |
|
| |
wireshark: multiple vulnerabilities
| Package(s): | wireshark ethereal |
CVE #(s): | CVE-2006-4574
CVE-2006-4805
CVE-2006-5468
CVE-2006-5469
CVE-2006-5740
|
| Created: | November 3, 2006 |
Updated: | November 14, 2006 |
| Description: |
There are multiple vulnerabilities in Wireshark (formerly Ethereal):
- Off-by-one error in the MIME Multipart dissector in Wireshark 0.10.1
through 0.99.3 allows remote attackers to cause a denial of service
(crash) via certain vectors that trigger an assertion error related to
unexpected length values. CVE-2006-4574
- epan/dissectors/packet-xot.c in the XOT dissector (dissect_xot_pdu)
in Wireshark 0.9.8 through 0.99.3 allows remote attackers to cause a
denial of service (memory consumption and crash) via an encoded XOT
packet that produces a zero length value when it is decoded.
CVE-2006-4805
- Unspecified vulnerability in the HTTP dissector in Wireshark 0.99.3
allows remote attackers to cause a denial of service (crash) via
unspecified vectors. CVE-2006-5468
- Unspecified vulnerability in the WBXML dissector in Wireshark 0.10.11
through 0.99.3 allows remote attackers to cause a denial of service
(crash) via certain vectors that trigger a null dereference.
CVE-2006-5469
- Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.3
allows remote attackers to cause a denial of service (crash) via a
crafted LDAP packet. CVE-2006-5740
|
| Alerts: |
|
( Log in to post comments)
|
|
|