Showing 1 - 2 of 2

CVE-2008-5285

Status Candidate

Overview

Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop.

Gentoo Linux Security Advisory 200906-5: Posted Jun 30, 2009; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory GLSA 200906-05 - Multiple vulnerabilities have been discovered in Wireshark which allow for Denial of Service (application crash) or remote code execution. Versions less than 1.0.8 are affected.; tags | advisory, remote, denial of service, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2008-4680, CVE-2008-4681, CVE-2008-4682, CVE-2008-4683, CVE-2008-4684, CVE-2008-4685, CVE-2008-5285, CVE-2008-6472, CVE-2009-0599, CVE-2009-0600, CVE-2009-0601, CVE-2009-1210, CVE-2009-1266, CVE-2009-1268, CVE-2009-1269, CVE-2009-1829; SHA-256 | 9abde179ffa8459df73612ef3e6e15cda0281f1ff048ad416110dc49dcd432bf; Download | Favorite | View

Mandriva Linux Security Advisory 2008-242: Posted Dec 16, 2008; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2008-242 - Two vulnerabilities were discovered in Wireshark. The first is a vulnerability in the SMTP dissector that could cause it to consume excessive CPU and memory via a long SMTP request. The second is an issue with the WLCCP dissector that could cause it to go into an infinite loop. This update also provides a patch to fix a potential freeze during capture interface selection. This update provides Wireshark 1.0.5, which is not vulnerable to these issues.; tags | advisory, vulnerability; systems | linux, mandriva; advisories | CVE-2008-5285; SHA-256 | 840b66771085226be1fd9e858799481617847e94ceb192e2d73115dc440e9b9c; Download | Favorite | View

Page 1 of 1 Back 1 Next