{"vuid":"VU#696896","idnumber":"696896","name":"Wireshark SSCOP dissector fails to properly handle malformed packets","keywords":["Wireshark","DoS","denial of service","SSCOP dissector","malformed packets","Q.2931 dissector"],"overview":"Wireshark contains a vulnerability in the SSCOP dissector that may cause a denial-of-service condition.","clean_desc":"Wireshark contains a vulnerability in the Service-Specific Connection Oriented Protocol (SSCOP) dissector. Wireshark states that: If the SSCOP dissector has a port range configured and the SSCOP payload protocol is Q.2931, a malformed packet could make the Q.2931 dissector use up available memory. No port range is configured by default. Wireshark states that Wireshark versions 0.7.9 - 0.99.2 are vulnerable. Note: Ethereal has changed its name to Wireshark.","impact":"By sending a malformed packet, a remote attacker may be able to cause the Q.2931 dissector to exceed the available memory and cause a denial-of-service condition.","resolution":"Update\nWireshark has released an updated product version (Wireshark 0.99.3).","workarounds":"Workaround\nWireshark provides a workaround in security document wnpa-sec-2006-02.","sysaffected":"","thanks":"This vulnerability was reported in Wireshark document wnpa-sec-2006-02.","author":"This document was written by Katie Steiner.","public":["http://www.wireshark.org/security/wnpa-sec-2006-02.html","http://www.securityfocus.com/bid/19690","http://www.frsirt.com/english/advisories/2006/3370","http://securitytracker.com/id?1016736","http://secunia.com/advisories/21597","http://secunia.com/advisories/21649","http://secunia.com/advisories/21813","http://secunia.com/advisories/21619","http://secunia.com/advisories/21682","http://secunia.com/advisories/21885","http://xforce.iss.net/xforce/xfdb/28556","http://xforce.iss.net/xforce/xfdb/28553","https://issues.rpath.com/browse/RPL-597","http://www.itu.int/rec/T-REC-Q.2931/en"],"cveids":["CVE-2006-4333"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2006-10-11T19:22:13Z","publicdate":"2006-08-25T00:00:00Z","datefirstpublished":"2006-10-25T17:15:56Z","dateupdated":"2006-10-25T18:03:09Z","revision":18,"vrda_d1_directreport":"0","vrda_d1_population":"3","vrda_d1_impact":"2","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"10","cam_population":"10","cam_impact":"8","cam_easeofexploitation":"1","cam_attackeraccessrequired":"15","cam_scorecurrent":"0.5625","cam_scorecurrentwidelyknown":"0.675","cam_scorecurrentwidelyknownexploited":"1.125","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":0.5625,"vulnote":null}