ID CVE-2006-4332
Summary Unspecified vulnerability in the DHCP dissector in Wireshark (formerly Ethereal) 0.10.13 through 0.99.2, when run on Windows, allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a bug in Glib.
References
Vulnerable Configurations
  • cpe:2.3:a:wireshark:wireshark:0.10.13
  • cpe:2.3:a:wireshark:wireshark:0.10.4
  • cpe:2.3:a:wireshark:wireshark:0.99
  • cpe:2.3:a:wireshark:wireshark:0.99.1
  • Wireshark 0.99.2 (cpe:2.3:a:wireshark:wireshark:0.99.2)
CVSS
Base: 5.0 (as of 27-08-2006 - 15:53)
Impact:
Exploitability:
Access:  Vector NETWORK | Complexity LOW | Authentication NONE
Impact:  Confidentiality NONE | Integrity NONE | Availability PARTIAL
nessus via4
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-152.NASL
    description Vulnerabilities in the SCSI, DHCP, and SSCOP dissectors were discovered in versions of wireshark less than 0.99.3, as well as an off-by-one error in the IPsec ESP preference parser if compiled with ESP decryption support. This update provides wireshark 0.99.3a, which is not vulnerable to these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 23898
    published 2006-12-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23898
    title Mandrake Linux Security Advisory : wireshark (MDKSA-2006:152)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200608-26.NASL
    description The remote host is affected by the vulnerability described in GLSA-200608-26 (Wireshark: Multiple vulnerabilities) The following vulnerabilities have been discovered in Wireshark. Firstly, if the IPsec ESP parser is used it is susceptible to off-by-one errors, this parser is disabled by default; secondly, the SCSI dissector is vulnerable to an unspecified crash; and finally, the Q.2931 dissector of the SSCOP payload may use all the available memory if a port range is configured. By default, no port ranges are configured. Impact : An attacker might be able to exploit these vulnerabilities, resulting in a crash or the execution of arbitrary code with the permissions of the user running Wireshark, possibly the root user. Workaround : Disable the SCSI and Q.2931 dissectors with the 'Analyse' and 'Enabled protocols' menus. Make sure the ESP decryption is disabled, with the 'Edit -> Preferences -> Protocols -> ESP' menu.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 22288
    published 2006-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22288
    title GLSA-200608-26 : Wireshark: Multiple vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_ETHEREAL-2029.NASL
    description A security problem was fixed in ethereal, which could be used by remote attackers to hang the ethereal process. CVE-2006-4333: If the SSCOP dissector has a port range configured AND the SSCOP payload protocol is Q.2931, a malformed packet could make the Q.2931 dissector use up available memory. No port range is configured by default. The vulnerabilities tracked by the Mitre CVE IDs CVE-2006-4330 (SCSI dissector), CVE-2006-4331 (ESP decryption), CVE-2006-4332 (DHCP dissector) do not affect our shipped ethereal releases.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27206
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27206
    title openSUSE 10 Security Update : ethereal (ethereal-2029)
refmap via4
bid 19690
cert-vn VU#335656
confirm http://www.wireshark.org/security/wnpa-sec-2006-02.html
gentoo GLSA-200608-26
mandriva MDKSA-2006:152
sectrack 1016736
secunia
  • 21597
  • 21619
  • 21649
  • 21682
vupen ADV-2006-3370
xf
  • wireshark-dhcp-dos(28554)
  • wireshark-esp-offbyone(28553)
Last major update 07-03-2011 - 21:40
Published 24-08-2006 - 16:04
Last modified 19-07-2017 - 21:33