CVE-2009-3241

Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 89%
Affected Products (NVD)
VendorProductVersion
wiresharkwireshark
0.99.6
wiresharkwireshark
0.99.6a:a
wiresharkwireshark
0.99.7
wiresharkwireshark
0.99.8
wiresharkwireshark
0.99.9
wiresharkwireshark
1.0
wiresharkwireshark
1.0.0
wiresharkwireshark
1.0.1
wiresharkwireshark
1.0.2
wiresharkwireshark
1.0.3
wiresharkwireshark
1.0.4
wiresharkwireshark
1.0.5
wiresharkwireshark
1.0.6
wiresharkwireshark
1.0.7
wiresharkwireshark
1.0.8
wiresharkwireshark
1.2
wiresharkwireshark
1.2.0
wiresharkwireshark
1.2.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
wireshark
bookworm
4.0.11-1~deb12u1
fixed
bookworm (security)
4.0.11-1~deb12u1
fixed
bullseye
3.4.10-0+deb11u1
fixed
bullseye (security)
3.4.16-0+deb11u1
fixed
etch
not-affected
sid
4.4.1-1
fixed
trixie
4.4.0-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ethereal
dapper
ignored
hardy
dne
intrepid
dne
jaunty
dne
karmic
dne
lucid
dne
maverick
dne
natty
dne
oneiric
dne
wireshark
dapper
dne
hardy
ignored
intrepid
ignored
jaunty
ignored
karmic
ignored
lucid
not-affected
maverick
not-affected
natty
not-affected
oneiric
not-affected
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libwireshark9
suse enterprise desktop 15
2.4.6-1.31
fixed
suse enterprise sap 12 SP5
2.4.16-48.51.1
fixed
suse enterprise sap 15
2.4.6-1.31
fixed
suse enterprise server 12 SP5
2.4.16-48.51.1
fixed
suse enterprise server 15
2.4.6-1.31
fixed
libwiretap7
suse enterprise desktop 15
2.4.6-1.31
fixed
suse enterprise sap 12 SP5
2.4.16-48.51.1
fixed
suse enterprise sap 15
2.4.6-1.31
fixed
suse enterprise server 12 SP5
2.4.16-48.51.1
fixed
suse enterprise server 15
2.4.6-1.31
fixed
libwscodecs1
suse enterprise desktop 15
2.4.6-1.31
fixed
suse enterprise sap 12 SP5
2.4.16-48.51.1
fixed
suse enterprise sap 15
2.4.6-1.31
fixed
suse enterprise server 12 SP5
2.4.16-48.51.1
fixed
suse enterprise server 15
2.4.6-1.31
fixed
libwsutil8
suse enterprise desktop 15
2.4.6-1.31
fixed
suse enterprise sap 12 SP5
2.4.16-48.51.1
fixed
suse enterprise sap 15
2.4.6-1.31
fixed
suse enterprise server 12 SP5
2.4.16-48.51.1
fixed
suse enterprise server 15
2.4.6-1.31
fixed
wireshark
suse enterprise desktop 15
2.4.6-1.31
fixed
suse enterprise sap 12 SP5
2.4.16-48.51.1
fixed
suse enterprise sap 15
2.4.6-1.31
fixed
suse enterprise server 12 SP5
2.4.16-48.51.1
fixed
suse enterprise server 15
2.4.6-1.31
fixed
wireshark-devel
suse enterprise desktop 15
2.4.6-1.31
fixed
suse enterprise sap 15
2.4.6-1.31
fixed
suse enterprise server 15
2.4.6-1.31
fixed
wireshark-gtk
suse enterprise sap 12 SP5
2.4.16-48.51.1
fixed
suse enterprise server 12 SP5
2.4.16-48.51.1
fixed
wireshark-ui-qt
suse enterprise desktop 15
2.4.6-1.31
fixed
suse enterprise sap 15
2.4.6-1.31
fixed
suse enterprise server 15
2.4.6-1.31
fixed
References
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
http://secunia.com/advisories/36754
http://secunia.com/advisories/37409
http://secunia.com/advisories/37477
http://www.debian.org/security/2009/dsa-1942
http://www.securityfocus.com/bid/36408
http://www.wireshark.org/docs/relnotes/wireshark-1.0.9.html
http://www.wireshark.org/docs/relnotes/wireshark-1.2.2.html
http://www.wireshark.org/security/wnpa-sec-2009-05.html
http://www.wireshark.org/security/wnpa-sec-2009-06.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3986
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6162
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
http://secunia.com/advisories/36754
http://secunia.com/advisories/37409
http://secunia.com/advisories/37477
http://www.debian.org/security/2009/dsa-1942
http://www.securityfocus.com/bid/36408
http://www.wireshark.org/docs/relnotes/wireshark-1.0.9.html
http://www.wireshark.org/docs/relnotes/wireshark-1.2.2.html
http://www.wireshark.org/security/wnpa-sec-2009-05.html
http://www.wireshark.org/security/wnpa-sec-2009-06.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3986
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6162