Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3140

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-3140
Last Modified 12 Sep 2012 10:30:28
Published 10 Jul 2008 07:41:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3140

Summary

The syslog dissector in Wireshark (formerly Ethereal) 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors, possibly related to an "incomplete SS7 MSU syslog encapsulated packet."

Vulnerable Systems

Application

  • Wireshark 1.0.0


References

XF - wireshark-syslog-dos(43518)

CONFIRM - http://www.wireshark.org/security/wnpa-sec-2008-03.html

VUPEN - ADV-2008-1982

BID - 30020

GENTOO - GLSA-200808-04

SECUNIA - 31687

SECUNIA - 31378

SECUNIA - 30886

SUSE - SUSE-SR:2008:017

FEDORA - FEDORA-2008-6440

BUGTRAQ - 20080703 rPSA-2008-0212-1 tshark wireshark

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0212

SECTRACK - 1020404

SECUNIA - 31085

SECUNIA - 30942

Related Patches

Novell SUSE 2008:5520 ethereal security update for SLE 10 i586


Last Updated: 27 May 2016 11:00:39