CVE-2009-1268

Published: Apr 13, 2009Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet.

Affected (22)

Products: Wireshark: Wireshark

1 product

Configuration A

22 vulnerable

Vulnerable Software	Affected Versions
Wireshark Wireshark	Version 0.9.6
Wireshark Wireshark	Version 0.9.7
Wireshark Wireshark	Version 0.9.8
Wireshark Wireshark	Version 0.99.0
Wireshark Wireshark	Version 0.99.1
Wireshark Wireshark	Version 0.99.2
Wireshark Wireshark	Version 0.99.3
Wireshark Wireshark	Version 0.99.4
Wireshark Wireshark	Version 0.99.5
Wireshark Wireshark	Version 0.99.6
Wireshark Wireshark	Version 0.99.6a
Wireshark Wireshark	Version 0.99.7
Wireshark Wireshark	Version 0.99.8
Wireshark Wireshark	Version 0.99
Wireshark Wireshark	Version 1.0.0
Wireshark Wireshark	Version 1.0.1
Wireshark Wireshark	Version 1.0.2
Wireshark Wireshark	Version 1.0.3
Wireshark Wireshark	Version 1.0.4
Wireshark Wireshark	Version 1.0.5
Wireshark Wireshark	Version 1.0.6
Wireshark Wireshark	Version 1.0

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (48)

http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html

Source: cve@mitre.org

http://secunia.com/advisories/34778

Source: cve@mitre.org

http://secunia.com/advisories/34970

Source: cve@mitre.org

http://secunia.com/advisories/35133

Source: cve@mitre.org

http://secunia.com/advisories/35224

Source: cve@mitre.org

http://secunia.com/advisories/35416

Source: cve@mitre.org

http://secunia.com/advisories/35464

Source: cve@mitre.org

http://secunia.com/advisories/37477

Source: cve@mitre.org

http://wiki.rpath.com/Advisories:rPSA-2009-0062

Source: cve@mitre.org

http://www.debian.org/security/2009/dsa-1785

Source: cve@mitre.org

http://www.debian.org/security/2009/dsa-1942

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDVSA-2009:088

Source: cve@mitre.org

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2009-1100.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/502745/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/34457

Source: cve@mitre.org

http://www.securitytracker.com/id?1022027

Source: cve@mitre.org

http://www.wireshark.org/security/wnpa-sec-2009-02.html

Source: cve@mitre.org

Vendor Advisory

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3269

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/49815

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10876

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5335

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00675.html

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01167.html

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01213.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/34778

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/34970

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35133

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35224

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35416

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35464

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/37477

Source: af854a3a-2127-422b-91ae-364da2661108

http://wiki.rpath.com/Advisories:rPSA-2009-0062

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2009/dsa-1785

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2009/dsa-1942

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2009:088

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2009-1100.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/502745/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/34457

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1022027

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.wireshark.org/security/wnpa-sec-2009-02.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3269

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/49815

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10876

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5335

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00675.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01167.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01213.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.