Wireshark / Ethereal 0.99.6 to 1.0.5 Multiple Denial of Service Vulnerabilities

low Nessus Plugin ID 35629

Synopsis

The remote host has an application that is susceptible to multiple denial of service attacks.

Description

The installed version of Wireshark or Ethereal is affected by multiple denial of service issues :

- Wireshark could crash while reading a malformed NetScreen snoop file. (Bug 3151)

- Wireshark could crash while reading a Tektronix K12 text capture file. (Bug 1937)

Solution

Upgrade to Wireshark 1.0.6 or later.

See Also

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1937

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3151

https://www.wireshark.org/news/20090206.html

http://www.wireshark.org/security/wnpa-sec-2009-01.html

Plugin Details

Severity: Low

ID: 35629

File Name: wireshark_1_0_6.nasl

Version: 1.16

Type: Local

Agent: windows

Family: Windows

Published: 2/10/2009

Updated: 3/30/2026

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Tenable Cloud Security, Tenable Self-Hosted Container Security, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3

Percentile: 23.18

CVSS v2

Risk Factor: Low

Base Score: 2.6

Temporal Score: 1.9

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:wireshark:wireshark

Required KB Items: installed_sw/Wireshark, SMB/Registry/Enumerated

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2009-0599, CVE-2009-0600

BID: 33690

CWE: 119, 20

Secunia: 33872