wireshark

• Author: vmiklos
• Vulnerable: 0.99.7-1terminus1
• Unaffected: 0.99.8-1sayshell1

Some vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerabilities are caused due to errors in the SCTP, SNMP, and TFTP dissectors. These can be exploited to cause the application to crash or consume large amounts of memory when processing specially crafted packets that are either captured off the wire or loaded via a capture file.

• Bug Tracker URL: http://bugs.frugalware.org/task/2821

CVEs:

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1070
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1071
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1072