FreeBSD Local Security Checks : wireshark -- SMTP Processing Denial of Service Vulnerability

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.62851

Categoría: FreeBSD Local Security Checks

Título: wireshark -- SMTP Processing Denial of Service Vulnerability

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing an update to the system
as announced in the referenced advisory.

The following packages are affected:
wireshark
wireshark-lite
ethereal
ethereal-lite
tethereal
tethereal-lite

CVE-2008-5285
Wireshark 1.0.4 and earlier allows remote attackers to cause a denial
of service via a long SMTP request, which triggers an infinite loop.

Solution:
Update your system with the appropriate patches or
software upgrades.

http://secunia.com/advisories/32840/
http://lists.grok.org.uk/pipermail/full-disclosure/2008-November/065840.html
http://www.vuxml.org/freebsd/baece347-c489-11dd-a721-0030843d3802.html

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-5285
BugTraq ID: 32422
http://www.securityfocus.com/bid/32422
Bugtraq: 20081122 [SVRT-04-08] Vulnerability in WireShark 1.0.4 for DoS Attack (Google Search)
http://www.securityfocus.com/archive/1/498562/100/0/threaded
Bugtraq: 20081211 rPSA-2008-0336-1 tshark wireshark (Google Search)
http://www.securityfocus.com/archive/1/499154/100/0/threaded
http://lists.grok.org.uk/pipermail/full-disclosure/2008-November/065840.html
http://www.mandriva.com/security/advisories?name=MDVSA-2008:242
http://www.openwall.com/lists/oss-security/2008/11/24/1
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11351
http://www.redhat.com/support/errata/RHSA-2009-0313.html
http://www.securitytracker.com/id?1021275
http://secunia.com/advisories/32840
http://secunia.com/advisories/34144
http://securityreason.com/securityalert/4663
http://www.vupen.com/english/advisories/2008/3231

Copyright Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.62851
Categoría:	FreeBSD Local Security Checks
Título:	wireshark -- SMTP Processing Denial of Service Vulnerability
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to the system as announced in the referenced advisory. The following packages are affected: wireshark wireshark-lite ethereal ethereal-lite tethereal tethereal-lite CVE-2008-5285 Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop. Solution: Update your system with the appropriate patches or software upgrades. http://secunia.com/advisories/32840/ http://lists.grok.org.uk/pipermail/full-disclosure/2008-November/065840.html http://www.vuxml.org/freebsd/baece347-c489-11dd-a721-0030843d3802.html CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5285 BugTraq ID: 32422 http://www.securityfocus.com/bid/32422 Bugtraq: 20081122 [SVRT-04-08] Vulnerability in WireShark 1.0.4 for DoS Attack (Google Search) http://www.securityfocus.com/archive/1/498562/100/0/threaded Bugtraq: 20081211 rPSA-2008-0336-1 tshark wireshark (Google Search) http://www.securityfocus.com/archive/1/499154/100/0/threaded http://lists.grok.org.uk/pipermail/full-disclosure/2008-November/065840.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:242 http://www.openwall.com/lists/oss-security/2008/11/24/1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11351 http://www.redhat.com/support/errata/RHSA-2009-0313.html http://www.securitytracker.com/id?1021275 http://secunia.com/advisories/32840 http://secunia.com/advisories/34144 http://securityreason.com/securityalert/4663 http://www.vupen.com/english/advisories/2008/3231
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com