CVE-2008-1561

EUVD-2008-1562
Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) 0.99.5 through 0.99.8 allow remote attackers to cause a denial of service (application crash) via a malformed packet to the (1) X.509sat or (2) Roofnet dissectors.  NOTE: Vector 2 might also lead to a hang.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 91%
Affected Products (NVD)
VendorProductVersion
wiresharkwireshark
0.99.2
wiresharkwireshark
0.99.3
wiresharkwireshark
0.99.4
wiresharkwireshark
0.99.5
wiresharkwireshark
0.99.6
wiresharkwireshark
0.99.7
wiresharkwireshark
0.99.8
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
wireshark
bookworm
4.0.11-1~deb12u1
fixed
bookworm (security)
4.0.11-1~deb12u1
fixed
bullseye
3.4.10-0+deb11u1
fixed
bullseye (security)
3.4.16-0+deb11u1
fixed
etch
not-affected
sid
4.4.1-1
fixed
trixie
4.4.0-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ethereal
dapper
ignored
edgy
dne
feisty
dne
gutsy
dne
hardy
dne
intrepid
dne
jaunty
dne
karmic
dne
wireshark
dapper
dne
edgy
ignored
feisty
ignored
gutsy
ignored
hardy
Fixed 1.0.0-1
released
intrepid
Fixed 1.0.0-1
released
jaunty
Fixed 1.0.0-1
released
karmic
Fixed 1.0.0-1
released
References
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html
http://secunia.com/advisories/29569
http://secunia.com/advisories/29622
http://secunia.com/advisories/29695
http://secunia.com/advisories/29736
http://secunia.com/advisories/29971
http://secunia.com/advisories/32091
http://support.avaya.com/elmodocs2/security/ASA-2008-392.htm
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0138
http://www.gentoo.org/security/en/glsa/glsa-200805-05.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:091
http://www.redhat.com/support/errata/RHSA-2008-0890.html
http://www.securityfocus.com/archive/1/490487/100/0/threaded
http://www.securityfocus.com/bid/28485
http://www.securitytracker.com/id?1019728
http://www.vupen.com/english/advisories/2008/1007/references
http://www.vupen.com/english/advisories/2008/2773
http://www.wireshark.org/security/wnpa-sec-2008-02.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/41514
https://exchange.xforce.ibmcloud.com/vulnerabilities/41515
https://issues.rpath.com/browse/RPL-2418
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15089
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9315
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00140.html
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00228.html
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html
http://secunia.com/advisories/29569
http://secunia.com/advisories/29622
http://secunia.com/advisories/29695
http://secunia.com/advisories/29736
http://secunia.com/advisories/29971
http://secunia.com/advisories/32091
http://support.avaya.com/elmodocs2/security/ASA-2008-392.htm
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0138
http://www.gentoo.org/security/en/glsa/glsa-200805-05.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:091
http://www.redhat.com/support/errata/RHSA-2008-0890.html
http://www.securityfocus.com/archive/1/490487/100/0/threaded
http://www.securityfocus.com/bid/28485
http://www.securitytracker.com/id?1019728
http://www.vupen.com/english/advisories/2008/1007/references
http://www.vupen.com/english/advisories/2008/2773
http://www.wireshark.org/security/wnpa-sec-2008-02.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/41514
https://exchange.xforce.ibmcloud.com/vulnerabilities/41515
https://issues.rpath.com/browse/RPL-2418
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15089
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9315
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00140.html
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00228.html