Buffer overflow in Ethereal_group Ethereal

CVE-2007-6120

The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.

Vulnerability class: Buffer Overflow

EPSS: 0.020 (78.4th percentile) — read the EPSS interpretation.

Affected products

Ethereal_group Ethereal — versions 0.8.5, 0.8.16, 0.8.17
Wireshark — versions 0.99, 0.99.0, 0.99.1
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

secalert@redhat.com (signature, x_refsource_OVAL, vdb-entry)
secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
secalert@redhat.com (Patch, vdb-entry, x_refsource_BID)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
secalert@redhat.com (mailing-list, x_refsource_BUGTRAQ)
secalert@redhat.com (vendor-advisory, x_refsource_GENTOO)
secalert@redhat.com (x_refsource_REDHAT, vendor-advisory)