ID CVE-2008-3139
Summary The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.
References
Vulnerable Configurations
  • cpe:2.3:a:rpath:rpath_linux:1:*:*:*:*:*:*:*
    cpe:2.3:a:rpath:rpath_linux:1:*:*:*:*:*:*:*
  • cpe:2.3:a:wireshark:wireshark:0.9.5:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:0.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*
  • cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*
  • cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*
  • cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*
  • cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*
  • cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*
  • cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*
  • cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 11-10-2018 - 20:47)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
oval via4
accepted 2013-08-19T04:00:27.293-04:00
class vulnerability
contributors
  • name Shane Shaffer
    organization G2, Inc.
  • name Shane Shaffer
    organization G2, Inc.
  • name Shane Shaffer
    organization G2, Inc.
  • name Shane Shaffer
    organization G2, Inc.
definition_extensions
comment Wireshark is installed on the system.
oval oval:org.mitre.oval:def:6589
description The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.
family windows
id oval:org.mitre.oval:def:14682
status accepted
submitted 2012-02-27T15:34:33.178-04:00
title RTMPT dissector vulnerability in Wireshark 0.99.8 through 1.0.0
version 11
refmap via4
bid 30020
bugtraq 20080703 rPSA-2008-0212-1 tshark wireshark
confirm
fedora FEDORA-2008-6440
gentoo GLSA-200808-04
sectrack 1020404
secunia
  • 30886
  • 30942
  • 31085
  • 31378
  • 31687
suse SUSE-SR:2008:017
vupen ADV-2008-1982
xf wireshark-rtmpt-dos(43517)
statements via4
contributor Tomas Hoger
lastmodified 2008-07-11
organization Red Hat
statement Not vulnerable. This issue did not affect the versions of wireshark as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.
Last major update 11-10-2018 - 20:47
Published 10-07-2008 - 23:41
Back to Top