NA
CVSSv3

CVE-2006-4333

CVSSv4: NA | CVSSv3: NA | CVSSv2: 5.4 | VMScore: 640 | EPSS: 0.01939 | KEV: Not Included
Published: 24/08/2006 Updated: 21/11/2024

Vulnerability Summary

The SSCOP dissector in Wireshark (formerly Ethereal) prior to 0.99.3 allows remote malicious users to cause a denial of service (resource consumption) via malformed packets that cause the Q.2391 dissector to use excessive memory.

Vulnerable Product Search on Vulmon Subscribe to Product

wireshark wireshark 0.10.4

wireshark wireshark 0.10.13

wireshark wireshark 0.99

wireshark wireshark 0.99.1

wireshark wireshark 0.99.2

Vendor Advisories

Debian Bug report logs - #384529 wnpa-sec-2006-02: multiple problems in Wireshark/Ethereal version 079 to 0992 Package: wireshark; Maintainer for wireshark is Balint Reczey <rbalint@ubuntucom>; Source for wireshark is src:wireshark (PTS, buildd, popcon) Reported by: Sam Morris <sam@robotsorguk> Date: Thu, 24 A ...
Debian Bug report logs - #384528 wnpa-sec-2006-02: Multiple problems in Wireshark/Ethereal Package: ethereal; Maintainer for ethereal is (unknown); Reported by: Sam Morris <sam@robotsorguk> Date: Thu, 24 Aug 2006 22:18:25 UTC Severity: grave Tags: security Found in version ethereal/01010-2sarge4 Fixed in version 099 ...

References

CWE-399https://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=384529https://www.kb.cert.org/vuls/id/696896https://www.first.org/epsshttp://secunia.com/advisories/21597http://secunia.com/advisories/21619http://secunia.com/advisories/21649http://secunia.com/advisories/21682http://secunia.com/advisories/21813http://secunia.com/advisories/21885http://secunia.com/advisories/22378http://security.gentoo.org/glsa/glsa-200608-26.xmlhttp://securitytracker.com/id?1016736http://support.avaya.com/elmodocs2/security/ASA-2006-227.htmhttp://www.debian.org/security/2006/dsa-1171http://www.kb.cert.org/vuls/id/696896http://www.mandriva.com/security/advisories?name=MDKSA-2006:152http://www.redhat.com/support/errata/RHSA-2006-0658.htmlhttp://www.securityfocus.com/archive/1/444323/100/0/threadedhttp://www.securityfocus.com/bid/19690http://www.vupen.com/english/advisories/2006/3370http://www.wireshark.org/security/wnpa-sec-2006-02.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/28553https://exchange.xforce.ibmcloud.com/vulnerabilities/28556https://issues.rpath.com/browse/RPL-597https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11801http://secunia.com/advisories/21597http://secunia.com/advisories/21619http://secunia.com/advisories/21649http://secunia.com/advisories/21682http://secunia.com/advisories/21813http://secunia.com/advisories/21885http://secunia.com/advisories/22378http://security.gentoo.org/glsa/glsa-200608-26.xmlhttp://securitytracker.com/id?1016736http://support.avaya.com/elmodocs2/security/ASA-2006-227.htmhttp://www.debian.org/security/2006/dsa-1171http://www.kb.cert.org/vuls/id/696896http://www.mandriva.com/security/advisories?name=MDKSA-2006:152http://www.redhat.com/support/errata/RHSA-2006-0658.htmlhttp://www.securityfocus.com/archive/1/444323/100/0/threadedhttp://www.securityfocus.com/bid/19690http://www.vupen.com/english/advisories/2006/3370http://www.wireshark.org/security/wnpa-sec-2006-02.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/28553https://exchange.xforce.ibmcloud.com/vulnerabilities/28556https://issues.rpath.com/browse/RPL-597https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11801