Launchpad CVE tracker

CVE 2008-4684

packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post dissector.

Related bugs and status

CVE-2008-4684 (Candidate) is related to these bugs:

Bug #290716: [CVE 2008-468[1-5] - Wireshark up to 1.0.3 affected by multiple security vulnerabilities

		In	Importance	Status
290716	[CVE 2008-468[1-5] - Wireshark up to 1.0.3 affected by multiple security vulnerabilities	wireshark (Ubuntu)	Medium	Fix Released
290716	[CVE 2008-468[1-5] - Wireshark up to 1.0.3 affected by multiple security vulnerabilities	Debian	Unknown	Fix Released
290716	[CVE 2008-468[1-5] - Wireshark up to 1.0.3 affected by multiple security vulnerabilities	wireshark (Ubuntu Gutsy)	Medium	Fix Released
290716	[CVE 2008-468[1-5] - Wireshark up to 1.0.3 affected by multiple security vulnerabilities	wireshark (Ubuntu Hardy)	Medium	Fix Released
290716	[CVE 2008-468[1-5] - Wireshark up to 1.0.3 affected by multiple security vulnerabilities	wireshark (Ubuntu Intrepid)	Medium	Fix Released

Bug #305789: Please merge wireshark 1.0.5-1 (universe) from Debian unstable (main)

Summary				In	Importance	Status
	305789	Please merge wireshark 1.0.5-1 (universe) from Debian unstable (main)		wireshark (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2008-4684

References