PT-2009-3241 · Wireshark+1 · Wireshark+1

Magnus Homann

Publicado

2009-02-16

Atualizado

2018-10-10

CVE-2009-0600

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Wireshark versions 0.99.6 through 1.0.5

Description The issue allows user-assisted remote attackers to cause a denial of service, resulting in an application crash, through a crafted Tektronix K12 text capture file. This can be achieved with a file containing exactly one frame.

Recommendations For Wireshark versions 0.99.6 through 1.0.5, consider avoiding the use of Tektronix K12 text capture files until a fix is available. As a temporary workaround, restrict the opening of capture files from untrusted sources to minimize the risk of exploitation.

Exploit

Correção

DoS

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2009-0600

RHSA-2009:0313

RHSA-2009_0313

Produtos afetados

Red Hat

Wireshark

PT-2009-3241 · Wireshark+1 · Wireshark+1

CVE-2009-0600

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 36