Published: 16/07/2008 Updated: 11/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 up to and including 1.0.1 allows remote malicious users to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

wireshark wireshark 0.8.19

wireshark wireshark 0.99.6

wireshark wireshark 0.99.6a

wireshark wireshark 0.99.2

wireshark wireshark 0.99.3

wireshark wireshark 1.0

wireshark wireshark 1.0.0

wireshark wireshark 0.99.4

wireshark wireshark 0.99.5

wireshark wireshark 1.0.1

wireshark wireshark 0.99.0

wireshark wireshark 0.99.1

wireshark wireshark 0.99.8

wireshark wireshark 0.99.7

Vendor Advisories

Synopsis Moderate: wireshark security update Type/Severity Security Advisory: Moderate Topic Updated wireshark packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 3, 4, and 5This update has been rated as having moderate security impact by the RedHat Security Response Tea ...
Several remote vulnerabilities have been discovered in network traffic analyzer Wireshark The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-3137 The GSM SMS dissector is vulnerable to denial of service CVE-2008-3138 The PANA and KISMET dissectors are vulnerable to denial of service CVE-2008-314 ...