ID CVE-2007-6439
Summary Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Firebird/Interbase, but it is already covered by CVE-2007-6116. The DCP ETSI issue is already covered by CVE-2007-6119.
References
Vulnerable Configurations
  • cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*
CVSS
Base: 6.1 (as of 13-02-2023 - 02:18)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
ADJACENT_NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:A/AC:L/Au:N/C:N/I:N/A:C
oval via4
  • accepted 2013-04-29T04:04:43.356-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Firebird/Interbase, but it is already covered by CVE-2007-6116. The DCP ETSI issue is already covered by CVE-2007-6119.
    family unix
    id oval:org.mitre.oval:def:10331
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Firebird/Interbase, but it is already covered by CVE-2007-6116. The DCP ETSI issue is already covered by CVE-2007-6119.
    version 30
  • accepted 2013-08-19T04:00:51.987-04:00
    class vulnerability
    contributors
    • name Shane Shaffer
      organization G2, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    definition_extensions
    comment Wireshark is installed on the system.
    oval oval:org.mitre.oval:def:6589
    description Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Firebird/Interbase, but it is already covered by CVE-2007-6116. The DCP ETSI issue is already covered by CVE-2007-6119.
    family windows
    id oval:org.mitre.oval:def:15002
    status accepted
    submitted 2012-02-27T15:34:33.178-04:00
    title IPv6 or USB dissector vulnerability in Wireshark 0.99.6
    version 9
redhat via4
advisories
rhsa
id RHSA-2008:0058
rpms
  • libsmi-0:0.4.5-2.el4
  • libsmi-0:0.4.5-2.el5
  • libsmi-debuginfo-0:0.4.5-2.el4
  • libsmi-debuginfo-0:0.4.5-2.el5
  • libsmi-devel-0:0.4.5-2.el4
  • libsmi-devel-0:0.4.5-2.el5
  • wireshark-0:0.99.7-1.el4
  • wireshark-0:0.99.7-1.el5
  • wireshark-debuginfo-0:0.99.7-1.el4
  • wireshark-debuginfo-0:0.99.7-1.el5
  • wireshark-gnome-0:0.99.7-1.el4
  • wireshark-gnome-0:0.99.7-1.el5
refmap via4
bid 27071
bugtraq 20080103 rPSA-2008-0004-1 tshark wireshark
confirm
gentoo GLSA-200712-23
mandriva
  • MDVSA-2008:001
  • MDVSA-2008:1
misc http://bugs.gentoo.org/show_bug.cgi?id=199958
secunia
  • 27777
  • 28288
  • 28304
  • 28325
  • 28564
  • 29048
suse SUSE-SR:2008:004
xf
  • wireshark-ipv6-dissector-dos(39180)
  • wireshark-usb-dissector-dos(39181)
Last major update 13-02-2023 - 02:18
Published 19-12-2007 - 22:46
Last modified 13-02-2023 - 02:18
Back to Top