Overview
Wireshark contains a vulnerability in the SSCOP dissector that may cause a denial of service condition.
Description
Wireshark contains a vulnerability in the Service-Specific Connection Oriented Protocol (SSCOP) dissector. Wireshark states that: |
Impact
By sending a malformed packet, a remote attacker may be able to cause the Q2931 dissector to exceed the available memory and cause a denial of service condition. |
Solution
Update |
Workaround |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
- http://www.wireshark.org/security/wnpa-sec-2006-02.html
- http://www.securityfocus.com/bid/19690
- http://www.frsirt.com/english/advisories/2006/3370
- http://securitytracker.com/id?1016736
- http://secunia.com/advisories/21597
- http://secunia.com/advisories/21649
- http://secunia.com/advisories/21813
- http://secunia.com/advisories/21619
- http://secunia.com/advisories/21682
- http://secunia.com/advisories/21885
- http://xforce.iss.net/xforce/xfdb/28556
- http://xforce.iss.net/xforce/xfdb/28553
- https://issues.rpath.com/browse/RPL-597
- http://www.itu.int/rec/T-REC-Q.2931/en
Acknowledgements
This vulnerability was reported in Wireshark document wnpa-sec-2006-02.
This document was written by Katie Steiner.
Other Information
| CVE IDs: | CVE-2006-4333 |
| Severity Metric: | 0.56 |
| Date Public: | 2006-08-25 |
| Date First Published: | 2006-10-25 |
| Date Last Updated: | 2006-10-25 18:03 UTC |
| Document Revision: | 18 |