Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6114

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2007-6114
Last Modified 07 Mar 2011 10:01:48
Published 23 Nov 2007 03:46:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6114

Summary

Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser.

Vulnerable Systems

Application

  • Wireshark 0.99

  • Wireshark 0.99.0

  • Wireshark 0.99.1

  • Wireshark 0.99.2

  • Wireshark 0.99.3

  • Wireshark 0.99.4

  • Wireshark 0.99.5

  • Wireshark 0.99.6


References

CONFIRM - http://www.wireshark.org/security/wnpa-sec-2007-03.html

BID - 26532

FEDORA - FEDORA-2007-4690

FEDORA - FEDORA-2007-4590

CONFIRM - https://issues.rpath.com/browse/RPL-1975

VUPEN - ADV-2007-3956

BUGTRAQ - 20080103 rPSA-2008-0004-1 tshark wireshark

REDHAT - RHSA-2008:0059

REDHAT - RHSA-2008:0058

MANDRIVA - MDVSA-2008:1

MANDRIVA - MDVSA-2008:001

DEBIAN - DSA-1414

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004

SECTRACK - 1018988

GENTOO - GLSA-200712-23

SECUNIA - 29048

SECUNIA - 28583

SECUNIA - 28564

SECUNIA - 28325

SECUNIA - 28304

SECUNIA - 28288

SECUNIA - 28207

SECUNIA - 28197

SECUNIA - 27817

SECUNIA - 27777

SUSE - SUSE-SR:2008:004

MISC - http://bugs.gentoo.org/show_bug.cgi?id=199958


Last Updated: 27 May 2016 10:46:22