Vulnerability Details

Wireshark SMTP Processing Denial of Service Vulnerability (Linux)

Published: 2008-12-04 13:15:00
CVE Author: NIST National Vulnerability Database

CVSS Base Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact:
Successful attacks may cause the application to crash via specially crafted packets.

Affected Versions:
Wireshark versions 1.0.4 and prior on Linux

Technical Details:
The flaw is due to an error in the SMTP dissector while processing large SMTP packets.

Recommendations:
Upgrade to Wireshark 1.0.5.

Summary:
The Remote host is installed with Wireshark and is prone to denial of service vulnerability.

Detection Type:
Executable

Solution Type:
Vendor Patch

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2008-5285

CVE Analysis

https://www.mageni.net/cve/CVE-2008-5285

SecurityFocus Bugtraq ID:

https://www.securityfocus.com/bid/32422

References:

http://www.vupen.com/english/advisories/2008/3231

Severity
Medium
CVSS Score
5.0
Published
2008-12-04
Modified
2018-12-03
Category
Denial of Service

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.