VulDB: Wireshark 1.x NCP Packet Handler denial of service
General
scipID: 3816
Affected: Wireshark 1.x
Published: 09/04/2008 (Thomas Nielsen)
Risk: 
problematic
Entry: 88.7% complete
Created: 09/19/2008
Updated: 09/03/2012
Summary
A vulnerability classified as problematic has been found in Wireshark 1.x. Affected is an unknown function of the component NCP Packet Handler. The manipulation with an unknown input leads to a denial of service vulnerability. This is going to have an impact on availability.
The weakness was released 09/04/2008 by Thomas Nielsen. The advisory is shared for download at wireshark.org. This vulnerability is traded as CVE-2008-3932 since 09/04/2008. It is possible to launch the attack remotely. There are neither technical details nor an exploit publicly available.
Applying a patch is able to eliminate this problem. The bugfix is ready for download at wireshark.org. The vulnerability is also documented in the databases at OSVDB (47932), Secunia (SA31674) and X-Force (45309).CVSS
Base Score: 4.9 (CVSS2#AV:N/AC:H/Au:S/C:N/I:N/A:C) [?]
| Access Vector | Access Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Local | High | Multiple | None | None | None |
| Adjacent | Medium | Single | Partial | Partial | Partial |
| Network | Low | None | Complete | Complete | Complete |
Exploiting
Class: Denial of service
Local: No
Remote: Yes
Availability: No
Countermeasures
Recommended: Upgrade
0-Day Time: 0 days since found
Patch: wireshark.org
Timeline
09/04/2008 | Advisory disclosed
09/04/2008 | CVE assigned
09/04/2008 | OSVDB entry created
09/19/2008 | VulDB entry created
09/03/2012 | VulDB entry updated
Sources
Advisory: wireshark.org
Researcher: Thomas Nielsen
OSVDB: 47932
CVE: CVE-2008-3932 (mitre.org) (nist.org) (cvedetails.com)
Secunia: 31674
X-Force: 45309
Vupen: ADV-2008-2493
- Latest Entries
- Apple QuickTime DREF Atom Handler buffer overflow [CVE-2013-1017]
- Apple QuickTime H.264 Handler buffer overflow [CVE-2013-1018]
- Apple QuickTime MP3 File Handler buffer overflow [CVE-2013-0989]
- Apple QuickTime Sorenson Codec Handler buffer overflow [CVE-2013-1019]
- Apple QuickTime JPEG Handler buffer overflow [CVE-2013-1020]
- Statistics
- Archive
