CVE-2008-3145 Common Vulnerabilities and Exposures

Upstream information

CVE-2008-3145 at MITRE

Description

The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
	National Vulnerability Database
Base Score	5
Vector	AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector	Network
Access Complexity	Low
Authentication	None
Confidentiality Impact	None
Integrity Impact	None
Availability Impact	Partial

SUSE Bugzilla entry: 405266 [RESOLVED / FIXED]

SUSE Security Advisories:

SUSE-SR:2008:017, published Fri, 29 Aug 2008 14:00:00 +0000

SUSE Timeline for this CVE

CVE page created: Tue Jul 9 16:09:00 2013
CVE page last modified: Fri Dec 8 16:27:16 2023