CVE-2007-6113
published 2007-11-23CVE-2007-6113: Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long…
PriorityP422medium4.3CVSS 2.0
AVNACMAuNCNINAP
EXPLOIT
EPSS
6.98%
93.3th percentile
Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet.
Affected
37 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | wireshark | < wireshark 0.99.6pre1-1 (bookworm) | wireshark 0.99.6pre1-1 (bookworm) |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM
vendor_debian4.3LOW
vendor_redhat4.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-7pf5-64wg-qq2g: Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0
ghsa_unreviewed·2022-05-01
CVE-2007-6113 [MEDIUM] GHSA-7pf5-64wg-qq2g: Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0
Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet.
OSV
CVE-2007-6113: Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0
osv·2007-11-23·CVSS 4.3
CVE-2007-6113 [MEDIUM] CVE-2007-6113: Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0
Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet.
Red Hat
wireshark DNP3 flaws
vendor_redhat·2007-11-22·CVSS 4.3
CVE-2007-6113 [MEDIUM] wireshark DNP3 flaws
wireshark DNP3 flaws
Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet.
Statement: Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2007-6113
The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw.
Red Hat
Infinite loop in wireshark's DNP3 dissector
vendor_redhat·2007-09-04·CVSS 4.3
CVE-2007-4721 [MEDIUM] CWE-835 Infinite loop in wireshark's DNP3 dissector
Infinite loop in wireshark's DNP3 dissector
No description is available for this CVE.
Statement: Duplicate of CVE-2007-6113.
Debian
CVE-2007-6113: wireshark - Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) ...
vendor_debian·2007·CVSS 4.3
CVE-2007-6113 [MEDIUM] CVE-2007-6113: wireshark - Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) ...
Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet.
Scope: local
bookworm: resolved (fixed in 0.99.6pre1-1)
bullseye: resolved (fixed in 0.99.6pre1-1)
forky: resolved (fixed in 0.99.6pre1-1)
sid: resolved (fixed in 0.99.6pre1-1)
trixie: resolved (fixed in 0.99.6pre1-1)
No detection rules found.
http://bugs.gentoo.org/show_bug.cgi?id=199958http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.htmlhttp://secunia.com/advisories/27777http://secunia.com/advisories/28197http://secunia.com/advisories/28207http://secunia.com/advisories/28288http://secunia.com/advisories/28304http://secunia.com/advisories/28325http://secunia.com/advisories/28564http://secunia.com/advisories/28583http://secunia.com/advisories/29048http://security.gentoo.org/glsa/glsa-200712-23.xmlhttp://securityreason.com/securityalert/3095http://securitytracker.com/id?1018988http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004http://www.mandriva.com/security/advisories?name=MDVSA-2008:001http://www.mandriva.com/security/advisories?name=MDVSA-2008:1http://www.redhat.com/support/errata/RHSA-2008-0058.htmlhttp://www.redhat.com/support/errata/RHSA-2008-0059.htmlhttp://www.securiteam.com/securitynews/5LP0V00MAI.htmlhttp://www.securityfocus.com/archive/1/478497/100/0/threadedhttp://www.securityfocus.com/archive/1/485792/100/0/threadedhttp://www.securityfocus.com/bid/26532http://www.securitytracker.com/id?1018635http://www.vupen.com/english/advisories/2007/3956http://www.wireshark.org/security/wnpa-sec-2007-03.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/36392https://issues.rpath.com/browse/RPL-1975https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9841https://www.exploit-db.com/exploits/4347https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00606.htmlhttps://www.redhat.com/archives/fedora-package-announce/2007-December/msg00712.htmlhttp://bugs.gentoo.org/show_bug.cgi?id=199958http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.htmlhttp://secunia.com/advisories/27777http://secunia.com/advisories/28197http://secunia.com/advisories/28207http://secunia.com/advisories/28288http://secunia.com/advisories/28304http://secunia.com/advisories/28325http://secunia.com/advisories/28564http://secunia.com/advisories/28583http://secunia.com/advisories/29048http://security.gentoo.org/glsa/glsa-200712-23.xmlhttp://securityreason.com/securityalert/3095http://securitytracker.com/id?1018988http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004http://www.mandriva.com/security/advisories?name=MDVSA-2008:001http://www.mandriva.com/security/advisories?name=MDVSA-2008:1http://www.redhat.com/support/errata/RHSA-2008-0058.htmlhttp://www.redhat.com/support/errata/RHSA-2008-0059.htmlhttp://www.securiteam.com/securitynews/5LP0V00MAI.htmlhttp://www.securityfocus.com/archive/1/478497/100/0/threadedhttp://www.securityfocus.com/archive/1/485792/100/0/threadedhttp://www.securityfocus.com/bid/26532http://www.securitytracker.com/id?1018635http://www.vupen.com/english/advisories/2007/3956http://www.wireshark.org/security/wnpa-sec-2007-03.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/36392https://issues.rpath.com/browse/RPL-1975https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9841https://www.exploit-db.com/exploits/4347https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00606.htmlhttps://www.redhat.com/archives/fedora-package-announce/2007-December/msg00712.html
2007-11-23
Published