FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

wireshark -- SMTP Processing Denial of Service Vulnerability

Affected packages
ethereal < 1.0.4_1
ethereal-lite < 1.0.4_1
tethereal < 1.0.4_1
tethereal-lite < 1.0.4_1
wireshark < 1.0.4_1
wireshark-lite < 1.0.4_1

Details

VuXML ID baece347-c489-11dd-a721-0030843d3802
Discovery 2008-11-24
Entry 2008-12-07

Secunia reports:

A vulnerability has been reported in Wireshark, which can be exploited by malicious people to cause a DoS.

The vulnerability is caused due to an error in the SMTP dissector and can be exploited to trigger the execution of an infinite loop via a large SMTP packet.

[source]

References

CVE Name CVE-2008-5285
URL http://lists.grok.org.uk/pipermail/full-disclosure/2008-November/065840.html
URL http://secunia.com/advisories/32840/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.

OSZAR »