Wireshark -- SMTP Processing Denial Of Service Vulnerability Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://secunia.com/advisories/32840/ http://lists.grok.org.uk/pipermail/full-disclosure/2008-November/065840.html http://www.vuxml.org/freebsd/baece347-c489-11dd-a721-0030843d3802.html

Insight

The following packages are affected: wireshark wireshark-lite ethereal ethereal-lite tethereal tethereal-lite CVE-2008-5285 Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop.

Severity

Classification

CVE CVE-2008-5285
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

FreeBSD Ports: bind96
FreeBSD Ports: bugzilla, ja-bugzilla
FreeBSD Ports: asterisk16
FreeBSD Ports: apache-tomcat
FreeBSD Ports: apr0

wireshark -- SMTP Processing Denial of Service Vulnerability

Take action and discover your vulnerabilities