PT-2008-4565 · Wireshark+1 · Wireshark+1

Thomas

Published

2008-09-02

Updated

2018-10-11

CVE-2008-3146

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Wireshark versions 0.9.7 through 1.0.2

Description: The issue is related to multiple buffer overflows in the packet ncp2222.inc file, which can be triggered by a crafted NCP packet. This can cause a denial of service, resulting in an application crash, and potentially allow the execution of arbitrary code due to an invalid pointer being used.

Recommendations: For Wireshark versions 0.9.7 through 1.0.2, update to a version that contains a fix for this issue to prevent potential exploitation.

Fix

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2008-3146

DTSA-167-1

RHSA-2008:0890

RHSA-2008_0890

Affected Products

Red Hat

Wireshark

PT-2008-4565 · Wireshark+1 · Wireshark+1

CVE-2008-3146

Weakness Enumeration

Related Identifiers

Affected Products

References · 41