FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-3389

This CVE name corresponds to:

Entered Topic
2007-07-06 wireshark -- Multiple problems

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2007-3389 at cve.mitre.org

Details

Type Candidate
Name CVE-2007-3389
Phase Assigned(20070625)

Description

Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via a crafted chunked encoding in an HTTP response, possibly related to a zero-length payload.

References

Source Reference
CONFIRM http://www.wireshark.org/docs/relnotes/wireshark-0.99.6.html
CONFIRM http://www.wireshark.org/security/wnpa-sec-2007-02.html
CONFIRM https://issues.rpath.com/browse/RPL-1498
GENTOO GLSA-200708-12
MANDRIVA MDKSA-2007:145
REDHAT RHSA-2007:0710
REDHAT RHSA-2007:0709
REDHAT RHSA-2008:0059
SUSE SUSE-SR:2007:015
BID 24662
OSVDB 37643
OVAL oval:org.mitre.oval:def:9964
VUPEN ADV-2007-2353
SECTRACK 1018315
SECUNIA 26004
SECUNIA 25833
SECUNIA 25987
SECUNIA 26499
SECUNIA 27592
SECUNIA 28583
XF wireshark-chunkedhttp-dos(35207)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.