5
CVSSv2

CVE-2007-3389

Published: 26/06/2007 Updated: 11/10/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 540
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Wireshark prior to 0.99.6 allows remote malicious users to cause a denial of service (crash) via a crafted chunked encoding in an HTTP response, possibly related to a zero-length payload.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

wireshark wireshark 0.99.0

wireshark wireshark 0.99.1

wireshark wireshark 0.99.5

wireshark wireshark 0.99.2

wireshark wireshark 0.99.3

wireshark wireshark 0.99.4

Metasploit Modules

Wireshark chunked_encoding_dissector Function DOS

Wireshark crash when dissecting an HTTP chunked response. Versions affected: 0.99.5 (Bug 1394)

msf > use auxiliary/dos/wireshark/chunked
      msf auxiliary(chunked) > show actions
            ...actions...
      msf auxiliary(chunked) > set ACTION <action-name>
      msf auxiliary(chunked) > show options
            ...show and set options...
      msf auxiliary(chunked) > run