Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2006-4805

epan/dissectors/packet-xot.c in the XOT dissector (dissect_xot_pdu) in Wireshark (formerly Ethereal) 0.9.8 through 0.99.3 allows remote attackers to cause a denial of service (memory consumption and crash) via an encoded XOT packet that produces a zero length value when it is decoded.

Related bugs and status

CVE-2006-4805 (Candidate) is related to these bugs:

Bug #132915: WireShark versions prior to 0.99.6 vulnerability

		In	Importance	Status
132915	WireShark versions prior to 0.99.6 vulnerability	wireshark (Ubuntu)	High	Fix Released
132915	WireShark versions prior to 0.99.6 vulnerability	wireshark (Ubuntu Edgy)	High	Fix Released
132915	WireShark versions prior to 0.99.6 vulnerability	wireshark (Ubuntu Feisty)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://securitytracker...
MISC: http://www.securityfoc...
MISC: ftp://patches.sgi.com/...
MISC: http://www.securityfoc...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.vupen.com/e...
MISC: http://www.us.debian.o...
MISC: http://www.mandriva.co...
MISC: http://www.redhat.com/...
MISC: http://www.novell.com/...
MISC: http://www.kb.cert.org...
MISC: http://support.avaya.c...
MISC: http://www.wireshark.o...
MISC: https://issues.rpath.c...
MISC: https://oval.cisecurit...
MISC: https://exchange.xforc...