ID CVE-2009-3243
Summary Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and 1.2.1, when running on Windows, allows remote attackers to cause a denial of service (application crash) via unknown vectors related to TLS 1.2 conversations.
References
Vulnerable Configurations
  • Wireshark 1.2.0
    cpe:2.3:a:wireshark:wireshark:1.2.0
  • Wireshark 1.2.1
    cpe:2.3:a:wireshark:wireshark:1.2.1
  • Microsoft Windows
    cpe:2.3:o:microsoft:windows
CVSS
Base: 5.0 (as of 18-09-2009 - 13:07)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
exploit-db via4
description Wireshark 1.2.1 TLS Dissector 1.2 Conversation Handling Unspecified Remote DoS. CVE-2009-3243. Dos exploit for linux platform
id EDB-ID:33223
last seen 2016-02-03
modified 2009-09-15
published 2009-09-15
reporter Buildbot Builder
source https://www.exploit-db.com/download/33223/
title Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Unspecified Remote DoS
nessus via4
  • NASL family Windows
    NASL id WIRESHARK_1_2_2.NASL
    description The installed version of Wireshark or Ethereal is affected by multiple issues : - The GSM A RR dissector could crash. (Bug 3893) - The OpcUa dissector could use excessive CPU and memory. (Bug 3986) - The TLS dissector could crash on some platforms. (Bug 4008) - Wireshark could crash while reading an 'ERF' file. (Bug 3849) These vulnerabilities could result in a denial of service. A remote attacker could exploit these issues by tricking a user into opening a maliciously crafted capture file. Additionally, if Wireshark is running in promiscuous mode, one of these issues could be exploited remotely (from the same network segment).
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 40999
    published 2009-09-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40999
    title Wireshark / Ethereal 0.9.6 to 1.2.1 Multiple Vulnerabilities
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200911-05.NASL
    description The remote host is affected by the vulnerability described in GLSA-200911-05 (Wireshark: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Wireshark: Ryan Giobbi reported an integer overflow in wiretap/erf.c (CVE-2009-3829). The vendor reported multiple unspecified vulnerabilities in the Bluetooth L2CAP, RADIUS, and MIOP dissectors (CVE-2009-2560), in the OpcUa dissector (CVE-2009-3241), in packet.c in the GSM A RR dissector (CVE-2009-3242), in the TLS dissector (CVE-2009-3243), in the Paltalk dissector (CVE-2009-3549), in the DCERPC/NT dissector (CVE-2009-3550), and in the dissect_negprot_response() function in packet-smb.c in the SMB dissector (CVE-2009-3551). Impact : A remote attacker could entice a user to open a specially crafted 'erf' file using Wireshark, possibly resulting in the execution of arbitrary code with the privileges of the user running the application. A remote attacker could furthermore send specially crafted packets on a network being monitored by Wireshark or entice a user to open a malformed packet trace file using Wireshark, possibly resulting in a Denial of Service. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 42915
    published 2009-11-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=42915
    title GLSA-200911-05 : Wireshark: Multiple vulnerabilities
oval via4
accepted 2013-08-19T04:05:09.003-04:00
class vulnerability
contributors
  • name Prabhu.S.A
    organization SecPod Technologies
  • name Shane Shaffer
    organization G2, Inc.
  • name Shane Shaffer
    organization G2, Inc.
definition_extensions
comment Wireshark is installed on the system.
oval oval:org.mitre.oval:def:6589
description Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and 1.2.1, when running on Windows, allows remote attackers to cause a denial of service (application crash) via unknown vectors related to TLS 1.2 conversations.
family windows
id oval:org.mitre.oval:def:6413
status accepted
submitted 2009-09-24T15:11:12
title Unspecified vulnerability in the TLS dissector in Wireshark which causes DOS.
version 7
refmap via4
bid 36408
confirm
misc https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4008
secunia
  • 36754
  • 37409
statements via4
contributor Tomas Hoger
lastmodified 2009-09-24
organization Red Hat
statement Not vulnerable. This issue did not affect the versions of wireshark as shipped with Red Hat Enterprise Linux 3, 4, or 5.
Last major update 21-08-2010 - 01:35
Published 18-09-2009 - 06:30
Last modified 18-09-2017 - 21:29
Back to Top