Summary
The remote host has Wireshark installed and is prone to multiple vulnerabilities.
Impact
Successful attacks may cause the application to crash via specially crafted packets.
Impact Level: Application
Solution
Upgrade to Wireshark 1.0.4
http://www.wireshark.org/download.html
Insight
The flaws are due to:
a. an error within the Bluetooth ACL dissector, PRP or MATE post dissector. Versions 0.99.7 through 1.0.3 are affected by this vulnerability.
b. an error within the Q.931 dissector. Versions 0.10.3 through 1.0.3 are affected by this vulnerability.
c. uninitialized data structures within the Bluetooth RFCOMM and USB Request Block (URB) dissectors. Versions 0.99.7 through 1.0.3 are affected by this vulnerability.
Affected
Wireshark versions prior to 1.0.4 on Linux
References
Updated on 2015-03-25
Severity
Classification
CVE: CVE-2008-4680, CVE-2008-4681, CVE-2008-4682, CVE-2008-4683, CVE-2008-4684, CVE-2008-4685
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P