Vulnerabilities > CVE-2009-1829 - Denial of Service vulnerability in Wireshark PCNFSD Dissector
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets.
Vulnerable Configurations
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2009-5382.NASL description Update to 1.0.8 fixes various security flaws. http://www.wireshark.org/security/wnpa-sec-2009-03.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 38907 published 2009-05-26 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/38907 title Fedora 10 : wireshark-1.0.8-1.fc10 (2009-5382) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2009-5382. # include("compat.inc"); if (description) { script_id(38907); script_version ("1.15"); script_cvs_date("Date: 2019/08/02 13:32:30"); script_cve_id("CVE-2009-1210", "CVE-2009-1268", "CVE-2009-1269", "CVE-2009-1829"); script_bugtraq_id(35081); script_xref(name:"FEDORA", value:"2009-5382"); script_name(english:"Fedora 10 : wireshark-1.0.8-1.fc10 (2009-5382)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Update to 1.0.8 fixes various security flaws. http://www.wireshark.org/security/wnpa-sec-2009-03.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); # http://www.wireshark.org/security/wnpa-sec-2009-03.html script_set_attribute( attribute:"see_also", value:"https://www.wireshark.org/security/wnpa-sec-2009-03.html" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=501929" ); # https://lists.fedoraproject.org/pipermail/package-announce/2009-May/024114.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?fdd4af27" ); script_set_attribute( attribute:"solution", value:"Update the affected wireshark package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_cwe_id(20, 134); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:wireshark"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:10"); script_set_attribute(attribute:"patch_publication_date", value:"2009/05/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/05/26"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^10([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 10.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC10", reference:"wireshark-1.0.8-1.fc10")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wireshark"); }NASL family Scientific Linux Local Security Checks NASL id SL_20090615_WIRESHARK_ON_SL3_X.NASL description A format string flaw was found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2009-1210) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2009-1268, CVE-2009-1269, CVE-2009-1829) All running instances of Wireshark must be restarted for the update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 60596 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60596 title Scientific Linux Security Update : wireshark on SL3.x, SL4.x, SL5.x i386/x86_64 NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_A2D4A3304D5411DE88110030843D3802.NASL description Secunia reports : A vulnerability has been reported in Wireshark, which can be exploited by malicious people to cause a DoS. The vulnerability is caused due to an error in the PCNFSD dissector and can be exploited to cause a crash via a specially crafted PCNFSD packet. last seen 2020-06-01 modified 2020-06-02 plugin id 38967 published 2009-06-01 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/38967 title FreeBSD : wireshark -- PCNFSD Dissector Denial of Service Vulnerability (a2d4a330-4d54-11de-8811-0030843d3802) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2009-125.NASL description A vulnerability has been identified and corrected in wireshark : o Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets (CVE-2009-1829). This update provides Wireshark 1.0.8, which is not vulnerable to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 38981 published 2009-06-01 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/38981 title Mandriva Linux Security Advisory : wireshark (MDVSA-2009:125) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200906-05.NASL description The remote host is affected by the vulnerability described in GLSA-200906-05 (Wireshark: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Wireshark: David Maciejak discovered a vulnerability in packet-usb.c in the USB dissector via a malformed USB Request Block (URB) (CVE-2008-4680). Florent Drouin and David Maciejak reported an unspecified vulnerability in the Bluetooth RFCOMM dissector (CVE-2008-4681). A malformed Tamos CommView capture file (aka .ncf file) with an last seen 2020-06-01 modified 2020-06-02 plugin id 39580 published 2009-07-01 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39580 title GLSA-200906-05 : Wireshark: Multiple vulnerabilities NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1942.NASL description Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to the execution of arbitrary code or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-2560 A NULL pointer dereference was found in the RADIUS dissector. - CVE-2009-3550 A NULL pointer dereference was found in the DCERP/NT dissector. - CVE-2009-3829 An integer overflow was discovered in the ERF parser. This update also includes fixes for three minor issues (CVE-2008-1829, CVE-2009-2562, CVE-2009-3241 ), which were scheduled for the next stable point update. Also CVE-2009-1268 was fixed for Etch. Since this security update was issued prior to the release of the point update, the fixes were included. last seen 2020-06-01 modified 2020-06-02 plugin id 44807 published 2010-02-24 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44807 title Debian DSA-1942-1 : wireshark - several vulnerabilities NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2009-1100.NASL description From Red Hat Security Advisory 2009:1100 : Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A format string flaw was found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2009-1210) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2009-1268, CVE-2009-1269, CVE-2009-1829) Users of wireshark should upgrade to these updated packages, which contain Wireshark version 1.0.8, and resolve these issues. All running instances of Wireshark must be restarted for the update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 67871 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67871 title Oracle Linux 3 / 4 / 5 : wireshark (ELSA-2009-1100) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2009-1100.NASL description Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A format string flaw was found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2009-1210) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2009-1268, CVE-2009-1269, CVE-2009-1829) Users of wireshark should upgrade to these updated packages, which contain Wireshark version 1.0.8, and resolve these issues. All running instances of Wireshark must be restarted for the update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 39411 published 2009-06-16 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/39411 title RHEL 3 / 4 / 5 : wireshark (RHSA-2009:1100) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2009-1100.NASL description Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A format string flaw was found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2009-1210) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2009-1268, CVE-2009-1269, CVE-2009-1829) Users of wireshark should upgrade to these updated packages, which contain Wireshark version 1.0.8, and resolve these issues. All running instances of Wireshark must be restarted for the update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 39423 published 2009-06-17 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/39423 title CentOS 3 / 5 : wireshark (CESA-2009:1100) NASL family Fedora Local Security Checks NASL id FEDORA_2009-5339.NASL description Upgrade to 1.0.8 fixes various security flaws. http://www.wireshark.org/security/wnpa-sec-2009-02.html http://www.wireshark.org/security/wnpa-sec-2009-03.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 38904 published 2009-05-26 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/38904 title Fedora 9 : wireshark-1.0.8-1.fc9 (2009-5339)
Oval
| accepted | 2013-04-29T04:18:38.197-04:00 | ||||||||||||||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||||||||||||||
| contributors |
| ||||||||||||||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||||||||||||||
| description | Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets. | ||||||||||||||||||||||||||||||||
| family | unix | ||||||||||||||||||||||||||||||||
| id | oval:org.mitre.oval:def:9270 | ||||||||||||||||||||||||||||||||
| status | accepted | ||||||||||||||||||||||||||||||||
| submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||||||||||||||||||||||
| title | Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets. | ||||||||||||||||||||||||||||||||
| version | 27 |
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- http://osvdb.org/54629
- http://secunia.com/advisories/35201
- http://secunia.com/advisories/35224
- http://secunia.com/advisories/35248
- http://secunia.com/advisories/35464
- http://secunia.com/advisories/37477
- http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0095
- http://www.debian.org/security/2009/dsa-1942
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:125
- http://www.redhat.com/support/errata/RHSA-2009-1100.html
- http://www.securityfocus.com/bid/35081
- http://www.securitytracker.com/id?1022274
- http://www.vupen.com/english/advisories/2009/1408
- http://www.wireshark.org/security/wnpa-sec-2009-03.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50686
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9270
- https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01167.html
- https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01213.html