CVE-2006-4333

Severity

54%

Complexity

49%

Confidentiality

115%

The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows remote attackers to cause a denial of service (resource consumption) via malformed packets that cause the Q.2391 dissector to use excessive memory.

The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows remote attackers to cause a denial of service (resource consumption) via malformed packets that cause the Q.2391 dissector to use excessive memory.

CVSS 2.0 Base Score 5.4. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:N/I:N/A:C).

Overview

First reported 18 years ago

2006-08-24 20:04:00

Last updated 6 years ago

2018-10-17 21:34:00

Affected Software

Wireshark 0.99.2

0.99.2

References

21597

Patch, Vendor Advisory

21619

21649

21682

21813

21885

22378

GLSA-200608-26

1016736

Patch

http://support.avaya.com/elmodocs2/security/ASA-2006-227.htm

DSA-1171

VU#696896

US Government Resource

MDKSA-2006:152

RHSA-2006:0658

20060825 rPSA-2006-0158-1 tshark wireshark

19690

Patch

ADV-2006-3370

http://www.wireshark.org/security/wnpa-sec-2006-02.html

Patch

wireshark-esp-offbyone(28553)

wireshark-sscop-dos(28556)

https://issues.rpath.com/browse/RPL-597

oval:org.mitre.oval:def:11801

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.