Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-3241 — Wireshark vulnerability

7 documents7 sources

Severity

7.8HIGHNVD

EPSS

4.8%

top 10.53%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Wireshark Debian Wireshark

Timeline

PublishedSep 18

Latest updateMay 2

Description

Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages3 packages

▶debiandebian/wireshark< wireshark 1.2.2-1 (bookworm)

▶Debianwireshark/wireshark< 1.2.2-1+3

▶NVDwireshark/wireshark18 versions+17

Patches

Patch: www.wireshark.org ↗Patch: www.wireshark.org ↗

🔴Vulnerability Details

GHSA

GHSA-grh9-678v-4762: Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0↗2022-05-02

▶

OSV

CVE-2009-3241: Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0↗2009-09-18

▶

💥Exploits & PoCs

Exploit-DB

Wireshark 1.2.1 - OpcUa Dissector Resource Exhaustion (Denial of Service)↗2009-09-15

▶

📋Vendor Advisories

Red Hat

Wireshark: DoS (excessive CPU use) in OPCUA dissector↗2009-09-06

▶

Debian

CVE-2009-3241: wireshark - Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 th...↗2009

▶

💬Community

Bugzilla

CVE-2009-3241 Wireshark: DoS (excessive CPU use) in OPCUA dissector↗2009-09-17

▶