CVE-2009-0600

medium

Description

Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame.

References

http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1937

http://secunia.com/advisories/33872

http://secunia.com/advisories/34144

http://secunia.com/advisories/34264

http://secunia.com/advisories/34344

https://issues.rpath.com/browse/RPL-2984

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10853

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15041

http://support.avaya.com/elmodocs2/security/ASA-2009-082.htm

https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00652.html

http://wiki.rpath.com/Advisories:rPSA-2009-0040

http://www.redhat.com/support/errata/RHSA-2009-0313.html

http://www.securitytracker.com/id?1021697

http://www.vupen.com/english/advisories/2009/0370

http://www.wireshark.org/security/wnpa-sec-2009-01.html

Details

Published: 2009-02-16

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

Severity: Medium

Detections

Analytics