Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3139

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-3139
Last Modified 12 Sep 2012 10:30:28
Published 10 Jul 2008 07:41:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3139

Summary

The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.

Vulnerable Systems

Application

  • Rpath Linux 1

  • Wireshark 0.9.5

  • Wireshark 0.99.2

  • Wireshark 0.99.3

  • Wireshark 0.99.4

  • Wireshark 0.99.5

  • Wireshark 0.99.6

  • Wireshark 0.99.7

  • Wireshark 0.99.8

  • Wireshark 1.0

  • Wireshark 1.0.0


References

XF - wireshark-rtmpt-dos(43517)

CONFIRM - http://www.wireshark.org/security/wnpa-sec-2008-03.html

VUPEN - ADV-2008-1982

BID - 30020

GENTOO - GLSA-200808-04

SECUNIA - 31687

SECUNIA - 31378

SECUNIA - 30886

SUSE - SUSE-SR:2008:017

FEDORA - FEDORA-2008-6440

BUGTRAQ - 20080703 rPSA-2008-0212-1 tshark wireshark

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0212

SECTRACK - 1020404

SECUNIA - 31085

SECUNIA - 30942

Related Patches

Novell SUSE 2008:5520 ethereal security update for SLE 10 i586


Last Updated: 27 May 2016 11:00:39