Red Hat Customer Portal

Skip to main content

CVE-2008-3145

Impact:
Low
Public Date:
2008-07-10
Bugzilla:
454984: CVE-2008-3145 wireshark: crash in the packet reassembling

The MITRE CVE dictionary describes this issue as:

The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read.

Find out more about CVE-2008-3145 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

The affected version of Wireshark as shipped in Red Hat Enterprise Linux 3, 4, and 5 were fixed via: https://rhn.redhat.com/errata/RHSA-2008-0890.html

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 3 (wireshark) RHSA-2008:0890 2008-10-01
Red Hat Enterprise Linux 5 (wireshark) RHSA-2008:0890 2008-10-01
Red Hat Enterprise Linux 4 (wireshark) RHSA-2008:0890 2008-10-01

Last Modified