|Bugzilla:||454984: CVE-2008-3145 wireshark: crash in the packet reassembling|
The MITRE CVE dictionary describes this issue as:
The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read.
The affected version of Wireshark as shipped in Red Hat Enterprise Linux 3, 4, and 5 were fixed via: https://rhn.redhat.com/errata/RHSA-2008-0890.html
Red Hat security errata
|Red Hat Enterprise Linux version 3 (wireshark)||RHSA-2008:0890||October 01, 2008|
|Red Hat Enterprise Linux version 4 (wireshark)||RHSA-2008:0890||October 01, 2008|
|Red Hat Enterprise Linux version 5 (wireshark)||RHSA-2008:0890||October 01, 2008|
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.