CVE-2006-4331 — Off-by-one Error in Wireshark

8 documents6 sources

Severity

5.0MEDIUMNVD

EPSS

3.9%

top 11.67%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wireshark Debian Wireshark

Timeline

PublishedAug 24

Latest updateMay 1

Description

Multiple off-by-one errors in the IPSec ESP preference parser in Wireshark (formerly Ethereal) 0.99.2 allow remote attackers to cause a denial of service (crash) via unspecified vectors.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/wireshark< wireshark 0.99.2-5.1 (bookworm)

▶Debianwireshark/wireshark< 0.99.2-5.1+3

▶NVDwireshark/wireshark0.99.2

Patches

Patch: secunia.com ↗Patch: securitytracker.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-8g49-gwpq-xm8f: Multiple off-by-one errors in the IPSec ESP preference parser in Wireshark (formerly Ethereal) 0↗2022-05-01

▶

OSV

CVE-2006-4331: Multiple off-by-one errors in the IPSec ESP preference parser in Wireshark (formerly Ethereal) 0↗2006-08-24

▶

📋Vendor Advisories

Red Hat

security flaw↗2006-08-23

▶

Debian

CVE-2006-4331: wireshark - Multiple off-by-one errors in the IPSec ESP preference parser in Wireshark (form...↗2006

▶

💬Community

Bugzilla

CVE-2006-4331 security flaw↗2018-08-16

▶

Bugzilla

CVE-2006-4330 Wireshark security issues (CVE-2006-4331 CVE-2006-4333)↗2006-08-25

▶

Bugzilla

CVE-2006-4330 Wireshark security issues (CVE-2006-4333 CVE-2006-4332 CVE-2006-4331)↗2006-08-25

▶