Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6439

Overview

Vulnerability Score 6.1 6.1
CVE Id CVE-2007-6439
Last Modified 13 Aug 2012 10:33:58
Published 19 Dec 2007 05:46:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector ADJACENT_NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6439

Summary

Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Firebird/Interbase, but it is already covered by CVE-2007-6116. The DCP ETSI issue is already covered by CVE-2007-6119.

Vulnerable Systems

Application

  • Wireshark 0.99.6


References

CONFIRM - https://issues.rpath.com/browse/RPL-1975

XF - wireshark-usb-dissector-dos(39181)

XF - wireshark-ipv6-dissector-dos(39180)

CONFIRM - http://www.wireshark.org/security/wnpa-sec-2007-03.html

BID - 27071

BUGTRAQ - 20080103 rPSA-2008-0004-1 tshark wireshark

REDHAT - RHSA-2008:0058

MANDRIVA - MDVSA-2008:1

MANDRIVA - MDVSA-2008:001

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004

GENTOO - GLSA-200712-23

SECUNIA - 29048

SECUNIA - 28564

SECUNIA - 28325

SECUNIA - 28304

SECUNIA - 28288

SECUNIA - 27777

SUSE - SUSE-SR:2008:004

MISC - http://bugs.gentoo.org/show_bug.cgi?id=199958


Last Updated: 27 May 2016 10:46:30