VDB
CISA-2024-8250
CISA-2024-8250
PUBLISHED
CVSS 7.8 HIGH
Reported by GitLab · Published August 28, 2024
NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file
Risk Scores
CVSS 3.1
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wireshark Foundation | Wireshark | 4.2.0, 4.0.0 |
| wireshark | wireshark | 4.0.0, 4.2.0, 4.2.0 |
| Wireshark Foundation | Wireshark | 4.0.0, 4.2.0, 4.2.0 |
Timeline
- Aug 28, 2024 CVE Published
- Aug 29, 2024 CVE Updated
References
- GitLab Issue #19943 issue-trackingpermissions-required
- https://lists.debian.org/debian-lts-announce/2024/09/msg00049.html url