Vulnerabilities > CVE-2006-5740 - Protocol Dissectors Denial of Service vulnerability in Wireshark 0.99.3

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
wireshark
nessus

Summary

Unspecified vulnerability in the LDAP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via a crafted LDAP packet.

Vulnerable Configurations

Part Description Count
Application
Wireshark
1

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2007-207.NASL
    description - multiple security issues fixed (#227140) - CVE-2007-0459 - The TCP dissector could hang or crash while reassembling HTTP packets - CVE-2007-0459 - The HTTP dissector could crash. - CVE-2007-0457 - On some systems, the IEEE 802.11 dissector could crash. - CVE-2007-0456 - On some systems, the LLT dissector could crash. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id24303
    published2007-02-09
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24303
    titleFedora Core 5 : wireshark-0.99.5-1.fc5 (2007-207)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2007-207.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(24303);
      script_version ("1.16");
      script_cvs_date("Date: 2019/08/02 13:32:25");
    
      script_cve_id("CVE-2006-5740", "CVE-2007-0456", "CVE-2007-0457", "CVE-2007-0458", "CVE-2007-0459");
      script_xref(name:"FEDORA", value:"2007-207");
    
      script_name(english:"Fedora Core 5 : wireshark-0.99.5-1.fc5 (2007-207)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora Core host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "  - multiple security issues fixed (#227140)
    
        - CVE-2007-0459 - The TCP dissector could hang or crash
          while reassembling HTTP packets
    
      - CVE-2007-0459 - The HTTP dissector could crash.
    
        - CVE-2007-0457 - On some systems, the IEEE 802.11
          dissector could crash.
    
      - CVE-2007-0456 - On some systems, the LLT dissector could
        crash.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2007-February/001377.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?ba67002f"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Update the affected wireshark, wireshark-debuginfo and / or
    wireshark-gnome packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:wireshark");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:wireshark-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:wireshark-gnome");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:5");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/02/06");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/02/09");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 5.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC5", reference:"wireshark-0.99.5-1.fc5")) flag++;
    if (rpm_check(release:"FC5", reference:"wireshark-debuginfo-0.99.5-1.fc5")) flag++;
    if (rpm_check(release:"FC5", reference:"wireshark-gnome-0.99.5-1.fc5")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wireshark / wireshark-debuginfo / wireshark-gnome");
    }
    
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2006-0726.NASL
    descriptionNew Wireshark packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Wireshark is a program for monitoring network traffic. Users of Wireshark should upgrade to these updated packages containing Wireshark version 0.99.4, which is not vulnerable to these issues. From Red Hat Security Advisory 2006:0726 : Several flaws were found in Wireshark
    last seen2020-06-01
    modified2020-06-02
    plugin id67418
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/67418
    titleOracle Linux 4 : wireshark (ELSA-2006-0726 / ELSA-2006-0658 / ELSA-2006-0602)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_ETHEREAL-2246.NASL
    descriptionVarious problems have been fixed in the network analyzer Ethereal, most leading to crashes of the ethereal program. CVE-2006-5740: A unspecified vulnerability in the LDAP dissector could be used to crash Ethereal. CVE-2006-4574: A single \0 byte heap overflow was fixed in the MIME multipart dissector. Potential of exploitability is unknown, but considered low. CVE-2006-4805: A denial of service problem in the XOT dissector can cause it to take up huge amount of memory and crash ethereal. CVE-2006-5469: The WBXML dissector could be used to crash ethereal. CVE-2006-5468: A NULL pointer dereference in the HTTP dissector could crash ethereal.
    last seen2020-06-01
    modified2020-06-02
    plugin id27207
    published2007-10-17
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/27207
    titleopenSUSE 10 Security Update : ethereal (ethereal-2246)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2006-0726.NASL
    descriptionNew Wireshark packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Wireshark is a program for monitoring network traffic. Several flaws were found in Wireshark
    last seen2020-06-01
    modified2020-06-02
    plugin id23677
    published2006-11-20
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/23677
    titleRHEL 2.1 / 3 / 4 : wireshark (RHSA-2006:0726)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2006-1140.NASL
    description - Wed Nov 1 2006 Radek Vokal <rvokal at redhat.com> 0.99.4-1 - upgrade to 0.99.4-1, fixes multiple security issues - CVE-2006-5468 - The HTTP dissector could dereference a NULL pointer. - CVE-2006-5469 - The WBXML dissector could crash. - CVE-2006-5470 - The LDAP dissector (and possibly others) could crash. - CVE-2006-4805 - Basic DoS, The XOT dissector could attempt to allocate a large amount of memory and crash. - CVE-2006-4574 - Single byte \0 overflow written onto the heap - Tue Oct 10 2006 Radek Vokal <rvokal at redhat.com> 0.99.4-0.pre1 - upgrade to 0.99.4-0.pre1 - Fri Aug 25 2006 Radek Vokal <rvokal at redhat.com> 0.99.3-1 - upgrade to 0.99.3 - Wireshark 0.99.3 fixes the following vulnerabilities : - the SCSI dissector could crash. Versions affected: CVE-2006-4330 - the IPsec ESP preference parser was susceptible to off-by-one errors. CVE-2006-4331 - a malformed packet could make the Q.2931 dissector use up available memory. CVE-2006-4333 - Tue Jul 18 2006 Radek Vokal <rvokal at redhat.com> 0.99.2-1 - upgrade to 0.99.2 - Wed Jul 12 2006 Jesse Keating <jkeating at redhat.com> - 0.99.2-0.pre1.1 - rebuild - Tue Jul 11 2006 Radek Vokal <rvokal at redhat.com> 0.99.2-0.pre1 - upgrade to 0.99.2pre1, fixes (#198242) - Tue Jun 13 2006 Radek Vokal <rvokal at redhat.com> 0.99.1-0.pre1 - spec file changes - Fri Jun 9 2006 Radek Vokal <rvokal at redhat.com> 0.99.1pre1-1 - initial build for Fedora Core Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id24040
    published2007-01-17
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24040
    titleFedora Core 6 : wireshark-0.99.4-1.fc6 (2006-1140)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2006-195.NASL
    descriptionVulnerabilities in the HTTP, LDAP, XOT, WBXML, and MIME Multipart dissectors were discovered in versions of wireshark less than 0.99.4, as well as various other bugs. This updated provides wireshark 0.99.4 which is not vulnerable to these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id24580
    published2007-02-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24580
    titleMandrake Linux Security Advisory : wireshark (MDKSA-2006:195)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SA_2006_065.NASL
    descriptionThe remote host is missing the patch for the advisory SUSE-SA:2006:065 (ethereal). Various problems have been fixed in the network analyzer Ethereal (now called Wireshark), most of them leading to crashes of the ethereal program. CVE-2006-5740: An unspecified vulnerability in the LDAP dissector could be used to crash Ethereal. CVE-2006-4574: A single \0 byte heap overflow was fixed in the MIME multipart dissector. Potential of exploitability is unknown, but considered low. CVE-2006-4805: A denial of service problem in the XOT dissector can cause it to take up huge amount of memory and crash ethereal. CVE-2006-5469: The WBXML dissector could be used to crash ethereal. CVE-2006-5468: A NULL pointer dereference in the HTTP dissector could crash ethereal.
    last seen2019-10-28
    modified2007-02-18
    plugin id24442
    published2007-02-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24442
    titleSUSE-SA:2006:065: ethereal
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2006-0726.NASL
    descriptionNew Wireshark packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Wireshark is a program for monitoring network traffic. Several flaws were found in Wireshark
    last seen2020-06-01
    modified2020-06-02
    plugin id36335
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/36335
    titleCentOS 3 / 4 : wireshark (CESA-2006:0726)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_ETHEREAL-2248.NASL
    descriptionVarious problems have been fixed in the network analyzer Ethereal, most leading to crashes of the ethereal program. - A unspecified vulnerability in the LDAP dissector could be used to crash Ethereal. (CVE-2006-5740) - A single \0 byte heap overflow was fixed in the MIME multipart dissector. Potential of exploitability is unknown, but considered low. (CVE-2006-4574) - A denial of service problem in the XOT dissector can cause it to take up huge amount of memory and crash ethereal. (CVE-2006-4805) - The WBXML dissector could be used to crash ethereal. (CVE-2006-5469) - A NULL pointer dereference in the HTTP dissector could crash ethereal. (CVE-2006-5468)
    last seen2020-06-01
    modified2020-06-02
    plugin id29420
    published2007-12-13
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/29420
    titleSuSE 10 Security Update : ethereal (ZYPP Patch Number 2248)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2006-1141.NASL
    description - Wed Nov 1 2006 Radek Vokal <rvokal at redhat.com> 0.99.4-1.fc5 - upgrade to 0.99.4, fixes multiple security issues - use dist tag - CVE-2006-5468 - The HTTP dissector could dereference a NULL pointer. - CVE-2006-5469 - The WBXML dissector could crash. - CVE-2006-5470 - The LDAP dissector (and possibly others) could crash. - CVE-2006-4805 - Basic DoS, The XOT dissector could attempt to allocate a large amount of memory and crash. - CVE-2006-4574 - Single byte \0 overflow written onto the heap - Fri Aug 25 2006 Radek Vokal <rvokal at redhat.com> 0.99.3-fc5.1 - upgrade to 0.99.3-1 - CVE-2006-4330 Wireshark security issues (CVE-2006-4333 CVE-2006-4332 CVE-2006-4331) - Wed Jul 26 2006 Radek Vokal <rvokal at redhat.com> 0.99.2-fc5.2 - fix BuildRequires - Tue Jul 25 2006 Radek Vokal <rvokal at redhat.com> 0.99.2-fc5.1 - build for FC5 - Tue Jul 18 2006 Radek Vokal <rvokal at redhat.com> 0.99.2-1 - upgrade to 0.99.2 - Wed Jul 12 2006 Jesse Keating <jkeating at redhat.com> - 0.99.2-0.pre1.1 - rebuild - Tue Jul 11 2006 Radek Vokal <rvokal at redhat.com> 0.99.2-0.pre1 - upgrade to 0.99.2pre1, fixes (#198242) - Tue Jun 13 2006 Radek Vokal <rvokal at redhat.com> 0.99.1-0.pre1 - spec file changes - Fri Jun 9 2006 Radek Vokal <rvokal at redhat.com> 0.99.1pre1-1 - initial build for Fedora Core Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id24041
    published2007-01-17
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24041
    titleFedora Core 5 : wireshark-0.99.4-1.fc5 (2006-1141)

Oval

  • accepted2013-08-19T04:00:26.472-04:00
    classvulnerability
    contributors
    • nameShane Shaffer
      organizationG2, Inc.
    • nameShane Shaffer
      organizationG2, Inc.
    • nameShane Shaffer
      organizationG2, Inc.
    definition_extensions
    commentWireshark is installed on the system.
    ovaloval:org.mitre.oval:def:6589
    descriptionUnspecified vulnerability in the LDAP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via a crafted LDAP packet.
    familywindows
    idoval:org.mitre.oval:def:14679
    statusaccepted
    submitted2012-02-27T15:34:33.178-04:00
    titleLDAP dissector vulnerability in Wireshark 0.99.3
    version8
  • accepted2013-04-29T04:19:41.187-04:00
    classvulnerability
    contributors
    • nameAharon Chernin
      organizationSCAP.com, LLC
    • nameDragos Prisaca
      organizationG2, Inc.
    definition_extensions
    • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
      ovaloval:org.mitre.oval:def:11782
    • commentCentOS Linux 3.x
      ovaloval:org.mitre.oval:def:16651
    • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
      ovaloval:org.mitre.oval:def:11831
    • commentCentOS Linux 4.x
      ovaloval:org.mitre.oval:def:16636
    • commentOracle Linux 4.x
      ovaloval:org.mitre.oval:def:15990
    descriptionUnspecified vulnerability in the LDAP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via a crafted LDAP packet.
    familyunix
    idoval:org.mitre.oval:def:9482
    statusaccepted
    submitted2010-07-09T03:56:16-04:00
    titleUnspecified vulnerability in the LDAP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via a crafted LDAP packet.
    version26

Redhat

advisories
bugzilla
id211993
titleCVE-2006-4574 Multiple Wireshark issues (CVE-2006-4805, CVE-2006-5468, CVE-2006-5469, CVE-2006-5740)
oval
OR
  • commentRed Hat Enterprise Linux must be installed
    ovaloval:com.redhat.rhba:tst:20070304026
  • AND
    • commentRed Hat Enterprise Linux 4 is installed
      ovaloval:com.redhat.rhba:tst:20070304025
    • OR
      • AND
        • commentwireshark is earlier than 0:0.99.4-EL4.1
          ovaloval:com.redhat.rhsa:tst:20060726001
        • commentwireshark is signed with Red Hat master key
          ovaloval:com.redhat.rhsa:tst:20060602004
      • AND
        • commentwireshark-gnome is earlier than 0:0.99.4-EL4.1
          ovaloval:com.redhat.rhsa:tst:20060726003
        • commentwireshark-gnome is signed with Red Hat master key
          ovaloval:com.redhat.rhsa:tst:20060602002
rhsa
idRHSA-2006:0726
released2006-11-09
severityModerate
titleRHSA-2006:0726: wireshark security update (Moderate)
rpms
  • wireshark-0:0.99.4-AS21.1
  • wireshark-0:0.99.4-EL3.1
  • wireshark-0:0.99.4-EL4.1
  • wireshark-debuginfo-0:0.99.4-EL3.1
  • wireshark-debuginfo-0:0.99.4-EL4.1
  • wireshark-gnome-0:0.99.4-AS21.1
  • wireshark-gnome-0:0.99.4-EL3.1
  • wireshark-gnome-0:0.99.4-EL4.1