Wireshark / Ethereal 0.99.6 to 1.0.5 Multiple Denial of Service Vulnerabilities

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote host has an application that is susceptible to multiple
denial of service attacks.

Description :

The installed version of Wireshark or Ethereal is affected by multiple
denial of service issues :

- Wireshark could crash while reading a malformed NetScreen
snoop file. (Bug 3151)

- Wireshark could crash while reading a Tektronix K12
text capture file. (Bug 1937)

See also :

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3151
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1937
http://www.wireshark.org/security/wnpa-sec-2009-01.html
http://www.wireshark.org/news/20090206.html

Solution :

Upgrade to Wireshark 1.0.6 or later.

Risk factor :

Low / CVSS Base Score : 2.6
(CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 2.1
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 35629 ()

Bugtraq ID: 33690

CVE ID: CVE-2009-0599
CVE-2009-0600

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now