Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2008-4682 — Improper Input Validation in Wireshark

CWE-20 — Improper Input Validation7 documents7 sources

Severity

5.0MEDIUMNVD

EPSS

6.0%

top 9.28%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Wireshark Debian Wireshark

Timeline

PublishedOct 22

Latest updateMay 14

Description

wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application abort) via a malformed Tamos CommView capture file (aka .ncf file) with an "unknown/unexpected packet type" that triggers a failed assertion.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/wireshark< wireshark 1.0.4-1 (bookworm)

▶Debianwireshark/wireshark< 1.0.4-1+3

▶NVDwireshark/wireshark7 versions+6

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-jf24-554x-42mw: wtap↗2022-05-14

▶

OSV

CVE-2008-4682: wtap↗2008-10-22

▶

💥Exploits & PoCs

Exploit-DB

Wireshark 1.0.x - '.ncf' Packet Capture Local Denial of Service↗2008-09-29

▶

📋Vendor Advisories

Red Hat

wireshark: DoS (app abort) via a malformed .ncf file with an unknown/unexpected packet type↗2008-10-01

▶

Debian

CVE-2008-4682: wireshark - wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a deni...↗2008

▶

💬Community

Bugzilla

CVE-2008-4682 wireshark: DoS (app abort) via a malformed .ncf file with an unknown/unexpected packet type↗2008-10-23

▶