ID CVE-2009-2563
Summary Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors.
References
Vulnerable Configurations
  • cpe:2.3:a:wireshark:wireshark:1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:wireshark:wireshark:1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:wireshark:wireshark:1.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:1.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*
CVSS
Base: 7.1 (as of 19-09-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:C
oval via4
  • accepted 2013-04-29T04:12:22.397-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors.
    family unix
    id oval:org.mitre.oval:def:11210
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors.
    version 24
  • accepted 2013-08-19T04:05:07.220-04:00
    class vulnerability
    contributors
    • name Prabhu.S.A
      organization SecPod Technologies
    • name Shane Shaffer
      organization G2, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    definition_extensions
    comment Wireshark is installed on the system.
    oval oval:org.mitre.oval:def:6589
    description Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors.
    family windows
    id oval:org.mitre.oval:def:6321
    status accepted
    submitted 2009-09-24T15:11:12
    title DOS vulnerability in the Infiniband dissector in Wireshark.
    version 7
redhat via4
rpms
  • wireshark-0:1.0.11-EL3.6
  • wireshark-gnome-0:1.0.11-EL3.6
  • wireshark-0:1.0.11-1.el4_8.5
  • wireshark-gnome-0:1.0.11-1.el4_8.5
  • wireshark-0:1.0.11-1.el5_5.5
  • wireshark-gnome-0:1.0.11-1.el5_5.5
refmap via4
bid 35748
confirm
mandriva
  • MDVSA-2009:194
  • MDVSA-2010:031
mlist
  • [oss-security] 20090917 Re: Wireshark - wnpa-sec-2009-05.html && wnpa-sec-2009-06.html -- CVE confirmation and CVE Request
  • [oss-security] 20090917 Wireshark - wnpa-sec-2009-05.html && wnpa-sec-2009-06.html -- CVE confirmation and CVE Request
secunia 35884
vupen ADV-2009-1970
statements via4
contributor Tomas Hoger
lastmodified 2010-04-20
organization Red Hat
statement The affected version of Wireshark as shipped in Red Hat Enterprise Linux 3, 4, and 5 were fixed via: https://rhn.redhat.com/errata/RHSA-2010-0360.html
Last major update 19-09-2017 - 01:29
Published 21-07-2009 - 17:30
Back to Top