VDB
CVE-2008-3145
CVE-2008-3145
PUBLISHED
CVSS 5 MEDIUM
The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read.
EPSS 2.42% · 85.4th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
2.42%
85.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| wireshark | wireshark | 0.99.7, 0.8.19, 0.99.0 |
| n/a | n/a | n/a |
Timeline
- Jul 16, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- SUSE-SR:2008:017 vendor-advisory
- http://www.wireshark.org/security/wnpa-sec-2008-04.html url
- 30181 vdb
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2470 url
- 20080729 rPSA-2008-0237-1 tshark wireshark mailing-list
- FEDORA-2008-6440 vendor-advisory
- RHSA-2008:0890 vendor-advisory
- oval:org.mitre.oval:def:9020 vdb
- https://issues.rpath.com/browse/RPL-2684 url
- 31687 third-party-advisory
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0237 url
- ADV-2008-2057 vdb
- GLSA-200808-04 vendor-advisory
- http://anonsvn.wireshark.org/viewvc/index.py?view=rev&revision=25343 url
- wireshark-packets-dos(43719) vdb
- http://support.avaya.com/elmodocs2/security/ASA-2008-392.htm url
- MDVSA-2008:152 vendor-advisory
- 32091 third-party-advisory
- 31044 third-party-advisory
- ADV-2008-2773 vdb
…and 8 more