ID CVE-2006-4333
Summary The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows remote attackers to cause a denial of service (resource consumption) via malformed packets that cause the Q.2391 dissector to use excessive memory.
References
Vulnerable Configurations
  • cpe:2.3:a:wireshark:wireshark:0.10.4:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:0.10.4:*:*:*:*:*:*:*
  • cpe:2.3:a:wireshark:wireshark:0.10.13:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:0.10.13:*:*:*:*:*:*:*
  • cpe:2.3:a:wireshark:wireshark:0.99:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:0.99:*:*:*:*:*:*:*
  • cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*
  • cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*
CVSS
Base: 5.4 (as of 17-10-2018 - 21:34)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:H/Au:N/C:N/I:N/A:C
oval via4
accepted 2013-04-29T04:15:48.444-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows remote attackers to cause a denial of service (resource consumption) via malformed packets that cause the Q.2391 dissector to use excessive memory.
family unix
id oval:org.mitre.oval:def:11801
status accepted
submitted 2010-07-09T03:56:16-04:00
title The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows remote attackers to cause a denial of service (resource consumption) via malformed packets that cause the Q.2391 dissector to use excessive memory.
version 24
redhat via4
advisories
bugzilla
id 204066
title wireshark doesn't work as non root user
oval
OR
  • AND
    comment Red Hat Enterprise Linux 3 is installed
    oval oval:com.redhat.rhba:tst:20070026001
  • AND
    comment Red Hat Enterprise Linux 4 is installed
    oval oval:com.redhat.rhba:tst:20070304001
rhsa
id RHSA-2006:0658
released 2006-09-12
severity Low
title RHSA-2006:0658: wireshark security update (Low)
refmap via4
bid 19690
bugtraq 20060825 rPSA-2006-0158-1 tshark wireshark
cert-vn VU#696896
confirm
debian DSA-1171
gentoo GLSA-200608-26
mandriva MDKSA-2006:152
sectrack 1016736
secunia
  • 21597
  • 21619
  • 21649
  • 21682
  • 21813
  • 21885
  • 22378
vupen ADV-2006-3370
xf
  • wireshark-esp-offbyone(28553)
  • wireshark-sscop-dos(28556)
Last major update 17-10-2018 - 21:34
Published 24-08-2006 - 20:04
Back to Top