CVE-2008-3932

Published: Sep 4, 2008Modified: Apr 23, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop.

Affected (29)

Products: Wireshark: Wireshark

1 product

Configuration A

29 vulnerable

Vulnerable Software	Affected Versions
Wireshark Wireshark	Version 0.10.10
Wireshark Wireshark	Version 0.10.11
Wireshark Wireshark	Version 0.10.12
Wireshark Wireshark	Version 0.10.13
Wireshark Wireshark	Version 0.10.14
Wireshark Wireshark	Version 0.10.1
Wireshark Wireshark	Version 0.10.2
Wireshark Wireshark	Version 0.10.3
Wireshark Wireshark	Version 0.10.4
Wireshark Wireshark	Version 0.10.5
Wireshark Wireshark	Version 0.10.6
Wireshark Wireshark	Version 0.10.7
Wireshark Wireshark	Version 0.10.8
Wireshark Wireshark	Version 0.10.9
Wireshark Wireshark	Version 0.9.7
Wireshark Wireshark	Version 0.9.8
Wireshark Wireshark	Version 0.99.0
Wireshark Wireshark	Version 0.99.1
Wireshark Wireshark	Version 0.99.2
Wireshark Wireshark	Version 0.99.3
Wireshark Wireshark	Version 0.99.4
Wireshark Wireshark	Version 0.99.5
Wireshark Wireshark	Version 0.99.6
Wireshark Wireshark	Version 0.99.6a
Wireshark Wireshark	Version 0.99.7
Wireshark Wireshark	Version 0.99.8
Wireshark Wireshark	Version 1.0.0
Wireshark Wireshark	Version 1.0.1
Wireshark Wireshark	Version 1.0.2

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (38)

http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2675

Source: secalert@redhat.com

http://secunia.com/advisories/31864

Source: secalert@redhat.com

http://secunia.com/advisories/31886

Source: secalert@redhat.com

http://secunia.com/advisories/32028

Source: secalert@redhat.com

http://secunia.com/advisories/32091

Source: secalert@redhat.com

http://security.gentoo.org/glsa/glsa-200809-17.xml

Source: secalert@redhat.com

http://support.avaya.com/elmodocs2/security/ASA-2008-392.htm

Source: secalert@redhat.com

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0278

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2008:199

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2008-0890.html

Source: secalert@redhat.com

http://www.securityfocus.com/archive/1/496487/100/0/threaded

Source: secalert@redhat.com

http://www.securitytracker.com/id?1020819

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2008/2493

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2008/2773

Source: secalert@redhat.com

http://www.wireshark.org/security/wnpa-sec-2008-05.html

Source: secalert@redhat.com

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/45309

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11273

Source: secalert@redhat.com

https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00713.html

Source: secalert@redhat.com

https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00715.html

Source: secalert@redhat.com

http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2675

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/31864

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/31886

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/32028

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/32091

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-200809-17.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.avaya.com/elmodocs2/security/ASA-2008-392.htm

Source: af854a3a-2127-422b-91ae-364da2661108

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0278

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2008:199

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2008-0890.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/496487/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1020819

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2008/2493

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2008/2773

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.wireshark.org/security/wnpa-sec-2008-05.html

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/45309

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11273

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00713.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00715.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.