CVE-2007-6121

CWE-20Improper Input Validation7 documents7 sources
Severity
5.0MEDIUM
EPSS
2.8%
top 13.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Ethereal Group EtherealWireshark Wireshark
Timeline
PublishedNov 23
Latest updateMay 1

Description

Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

Debianwireshark< 0.99.7~pre1-1+3
NVDwireshark/wireshark11 versions+10
NVDethereal_group/ethereal42 versions+41

Patches

Patch: www.securityfocus.comPatch: www.wireshark.orgPatch: www.securityfocus.com

🔴Vulnerability Details

3
GHSA
GHSA-295v-qw27-g2wh: Wireshark (formerly Ethereal) 02022-05-01
OSV
CVE-2007-6121: Wireshark (formerly Ethereal) 02007-11-23
CVEList
CVE-2007-6121: Wireshark (formerly Ethereal) 02007-11-23

📋Vendor Advisories

2
Red Hat
wireshark RPC Portmap flaws2007-11-22
Debian
CVE-2007-6121: wireshark - Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause ...2007

💬Community

1
Bugzilla
CVE-2007-6121 wireshark RPC Portmap flaws2007-11-23