ID CVE-2009-1267
Summary Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors.
References
Vulnerable Configurations
  • Wireshark 0.99.2
    cpe:2.3:a:wireshark:wireshark:0.99.2
  • Wireshark 0.99.3
    cpe:2.3:a:wireshark:wireshark:0.99.3
  • Wireshark 0.99.4
    cpe:2.3:a:wireshark:wireshark:0.99.4
  • Wireshark 0.99.5
    cpe:2.3:a:wireshark:wireshark:0.99.5
  • Wireshark 0.99.6
    cpe:2.3:a:wireshark:wireshark:0.99.6
  • Wireshark 0.99.6a
    cpe:2.3:a:wireshark:wireshark:0.99.6a
  • Wireshark 0.99.7
    cpe:2.3:a:wireshark:wireshark:0.99.7
  • Wireshark 0.99.8
    cpe:2.3:a:wireshark:wireshark:0.99.8
  • Wireshark 1.0
    cpe:2.3:a:wireshark:wireshark:1.0
  • Wireshark 1.0.0
    cpe:2.3:a:wireshark:wireshark:1.0.0
  • Wireshark 1.0.1
    cpe:2.3:a:wireshark:wireshark:1.0.1
  • Wireshark 1.0.2
    cpe:2.3:a:wireshark:wireshark:1.0.2
  • Wireshark 1.0.3
    cpe:2.3:a:wireshark:wireshark:1.0.3
  • Wireshark 1.0.4
    cpe:2.3:a:wireshark:wireshark:1.0.4
  • Wireshark 1.0.5
    cpe:2.3:a:wireshark:wireshark:1.0.5
  • Wireshark 1.0.6
    cpe:2.3:a:wireshark:wireshark:1.0.6
  • Microsoft Windows
    cpe:2.3:o:microsoft:windows
CVSS
Base: 5.0 (as of 13-04-2009 - 14:13)
Impact:
Exploitability:
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: NONE
  Integrity: NONE
  Availability: PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_WIRESHARK-6271.NASL
    description Version upgrade to Wireshark 1.0.7 to fix various vulnerabilities: CVE-2009-1269: crash while loading a Tektronix .rf5 file; CVE-2009-1268: crash in Check Point High-Availability Protocol (CPHAP) dissector; CVE-2009-1267: LDAP dissector could crash on Windows; CVE-2009-1210: PROFINET format string bug; CVE-2009-1266: additional PROFINET format string bugs, a crash in the PCNFSD dissector
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 38924
    published 2009-05-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38924
    title openSUSE 10 Security Update : wireshark (wireshark-6271)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_WIRESHARK-090525.NASL
    description Version upgrade to Wireshark 1.0.7 to fix various vulnerabilities: CVE-2009-1269: crash while loading a Tektronix .rf5 file; CVE-2009-1268: crash in Check Point High-Availability Protocol (CPHAP) dissector; CVE-2009-1267: LDAP dissector could crash on Windows; CVE-2009-1210: PROFINET format string bug; CVE-2009-1266: additional PROFINET format string bugs, a crash in the PCNFSD dissector
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 41460
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41460
    title SuSE 11 Security Update : wireshark (SAT Patch Number 910)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_WIRESHARK-090525.NASL
    description Version upgrade to Wireshark 1.0.7 to fix various vulnerabilities: CVE-2009-1269: crash while loading a Tektronix .rf5 file; CVE-2009-1268: crash in Check Point High-Availability Protocol (CPHAP) dissector; CVE-2009-1267: LDAP dissector could crash on Windows; CVE-2009-1210: PROFINET format string bug; CVE-2009-1266: additional PROFINET format string bugs, a crash in the PCNFSD dissector
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 40323
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40323
    title openSUSE Security Update : wireshark (wireshark-912)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_WIRESHARK-090525.NASL
    description Version upgrade to Wireshark 1.0.7 to fix various vulnerabilities: CVE-2009-1269: crash while loading a Tektronix .rf5 file; CVE-2009-1268: crash in Check Point High-Availability Protocol (CPHAP) dissector; CVE-2009-1267: LDAP dissector could crash on Windows; CVE-2009-1210: PROFINET format string bug; CVE-2009-1266: additional PROFINET format string bugs, a crash in the PCNFSD dissector
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 40154
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40154
    title openSUSE Security Update : wireshark (wireshark-912)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_12424.NASL
    description Version upgrade to Wireshark 1.0.7 to fix various vulnerabilities: crash while loading a Tektronix .rf5 file (CVE-2009-1269); crash in Check Point High-Availability Protocol (CPHAP) dissector (CVE-2009-1268); LDAP dissector could crash on Windows (CVE-2009-1267); PROFINET format string bug (CVE-2009-1210); additional PROFINET format string bugs, a crash in the PCNFSD dissector (CVE-2009-1266)
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 41303
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41303
    title SuSE9 Security Update : ethereal (YOU Patch Number 12424)
  • NASL family Windows
    NASL id WIRESHARK_1_0_7.NASL
    description The installed version of Wireshark or Ethereal is affected by multiple issues: The PROFINET dissector is affected by a format string vulnerability which an attacker could exploit to execute arbitrary code (Bug 3372). Wireshark could crash while reading a malformed LDAP capture file (Bug 3262). Wireshark could crash while reading a malformed Check Point High-Availability Protocol capture file (Bug 3269). Wireshark could crash while reading a Tektronix .rf5 capture file (Bug 3366).
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 36127
    published 2009-04-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36127
    title Wireshark / Ethereal 0.99.2 to 1.0.6 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_ETHEREAL-6269.NASL
    description Version upgrade to Wireshark 1.0.7 to fix various vulnerabilities: CVE-2009-1269: crash while loading a Tektronix .rf5 file; CVE-2009-1268: crash in Check Point High-Availability Protocol (CPHAP) dissector; CVE-2009-1267: LDAP dissector could crash on Windows; CVE-2009-1210: PROFINET format string bug; CVE-2009-1266: additional PROFINET format string bugs, a crash in the PCNFSD dissector
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 41506
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41506
    title SuSE 10 Security Update : ethereal (ZYPP Patch Number 6269)
oval via4
accepted 2013-08-19T04:05:05.321-04:00
class vulnerability
contributors
  • name Chandan S
    organization SecPod Technologies
  • name Shane Shaffer
    organization G2, Inc.
definition_extensions
comment Wireshark is installed on the system.
oval oval:org.mitre.oval:def:6589
description Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors.
family windows
id oval:org.mitre.oval:def:6099
status accepted
submitted 2009-04-16T16:30:43
title Wireshark LDAP dissector Denial of Service Vulnerability
version 7
refmap via4
bid 34457
bugtraq 20090417 rPSA-2009-0062-1 tshark wireshark
confirm
sectrack 1022027
secunia
  • 34778
  • 35416
suse SUSE-SR:2009:011
xf wireshark-ldap-home-dos(49814)
statements via4
contributor Tomas Hoger
lastmodified 2009-04-17
organization Red Hat
statement Not vulnerable. This issue did not affect the versions of wireshark as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.
Last major update 20-01-2011 - 00:00
Published 13-04-2009 - 12:30
Last modified 10-10-2018 - 15:35