Improper input validation in Ethereal_group Ethereal
CVE-2007-6121
Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet.
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.020 (78.4th percentile) — read the EPSS interpretation.
Affected products
- Ethereal_group Ethereal — versions 0.8.16, 0.8.17, 0.8.17a
- Wireshark — versions 0.8.16, 0.9.8, 0.9.10
- N/a — versions n/a
Weakness classification (CWE)
References
- secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- secalert@redhat.com (x_refsource_CONFIRM)
- secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- secalert@redhat.com (Patch, vdb-entry, x_refsource_BID)
- secalert@redhat.com (x_refsource_CONFIRM, Patch)
- secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- secalert@redhat.com (mailing-list, x_refsource_BUGTRAQ)
- secalert@redhat.com (vendor-advisory, x_refsource_GENTOO)
- secalert@redhat.com (x_refsource_REDHAT, vendor-advisory)
- secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory)