Summary
Wireshark is installed on the remote host and is prone to multiple vulnerabilities.
Impact
Successful attacks using specially crafted packets may cause the application to crash.
Impact Level: Application
Solution
Upgrade to Wireshark 1.0.4
http://www.wireshark.org/download.html
Insight
The flaws are due to:
a. An error within the Bluetooth ACL dissector, PRP or MATE post dissector. Versions 0.99.7 through 1.0.3 are affected by this vulnerability.
b. An error within the Q.931 dissector. Versions 0.10.3 through 1.0.3 are affected by this vulnerability.
c. Uninitialized data structures within the Bluetooth RFCOMM and USB Request Block (URB) dissectors. Versions 0.99.7 through 1.0.3 are affected by this vulnerability.
Affected
Wireshark versions prior to 1.0.4 on Linux
References
Updated on 2015-03-25
Severity
Classification
CVE: CVE-2008-4680, CVE-2008-4681, CVE-2008-4682, CVE-2008-4683, CVE-2008-4684, CVE-2008-4685
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Dopewars Server 'REQUESTJET' Message Remote Denial of Service Vulnerability
- Freefloat FTP Server 'ALLO' Command Remote Buffer Overflow Vulnerability
- Dell OpenManage Web Server <= 3.7.1
- Apache APR-Utils Multiple Denial of Service Vulnerabilities
- Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities