CVE-2006-3632

Published: Jul 21, 2006Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector.

Affected (41)

Products: Ethereal Group: Ethereal

Ethereal Group

1 product

Ethereal

Configuration A

41 vulnerable

Vulnerable Software	Affected Versions
Ethereal Group Ethereal	Version 0.10.0
Ethereal Group Ethereal	Version 0.10.0a
Ethereal Group Ethereal	Version 0.10.10
Ethereal Group Ethereal	Version 0.10.11
Ethereal Group Ethereal	Version 0.10.12
Ethereal Group Ethereal	Version 0.10.13
Ethereal Group Ethereal	Version 0.10.14
Ethereal Group Ethereal	Version 0.10.1
Ethereal Group Ethereal	Version 0.10.2
Ethereal Group Ethereal	Version 0.10.3
Ethereal Group Ethereal	Version 0.10.4
Ethereal Group Ethereal	Version 0.10.5
Ethereal Group Ethereal	Version 0.10.6
Ethereal Group Ethereal	Version 0.10.7
Ethereal Group Ethereal	Version 0.10.8
Ethereal Group Ethereal	Version 0.10.9
Ethereal Group Ethereal	Version 0.10
Ethereal Group Ethereal	Version 0.8.16
Ethereal Group Ethereal	Version 0.8.17
Ethereal Group Ethereal	Version 0.8.17a
Ethereal Group Ethereal	Version 0.8.18
Ethereal Group Ethereal	Version 0.8.19
Ethereal Group Ethereal	Version 0.8.20
Ethereal Group Ethereal	Version 0.9.0
Ethereal Group Ethereal	Version 0.9.10
Ethereal Group Ethereal	Version 0.9.11
Ethereal Group Ethereal	Version 0.9.12
Ethereal Group Ethereal	Version 0.9.13
Ethereal Group Ethereal	Version 0.9.14
Ethereal Group Ethereal	Version 0.9.15
Ethereal Group Ethereal	Version 0.9.16
Ethereal Group Ethereal	Version 0.9.1
Ethereal Group Ethereal	Version 0.9.2
Ethereal Group Ethereal	Version 0.9.3
Ethereal Group Ethereal	Version 0.9.4
Ethereal Group Ethereal	Version 0.9.5
Ethereal Group Ethereal	Version 0.9.6
Ethereal Group Ethereal	Version 0.9.7
Ethereal Group Ethereal	Version 0.9.8
Ethereal Group Ethereal	Version 0.9.9
Ethereal Group Ethereal	Version 0.99.0

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (50)

ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P (unsafe URL)

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2006-0602.html

Source: secalert@redhat.com

http://secunia.com/advisories/21078

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/21107

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/21121

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/21204

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/21249

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/21467

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/21488

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/21598

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/22089

Source: secalert@redhat.com

Vendor Advisory

http://security.gentoo.org/glsa/glsa-200607-09.xml

Source: secalert@redhat.com

http://securitytracker.com/id?1016532

Source: secalert@redhat.com

http://support.avaya.com/elmodocs2/security/ASA-2006-197.htm

Source: secalert@redhat.com

http://www.debian.org/security/2006/dsa-1127

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDKSA-2006:128

Source: secalert@redhat.com

http://www.novell.com/linux/security/advisories/2006_20_sr.html

Source: secalert@redhat.com

http://www.osvdb.org/27371

Source: secalert@redhat.com

http://www.securityfocus.com/archive/1/440576/100/0/threaded

Source: secalert@redhat.com

http://www.securityfocus.com/bid/19051

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2006/2850

Source: secalert@redhat.com

http://www.wireshark.org/security/wnpa-sec-2006-01.html

Source: secalert@redhat.com

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/27830

Source: secalert@redhat.com

https://issues.rpath.com/browse/RPL-512

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9468

Source: secalert@redhat.com

ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P (unsafe URL)