CVE-2009-1267 - OpenCVE

Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Microsoft	Windows
Wireshark	Wireshark

Configuration 1 [-]

AND

OR	cpe:2.3:a:wireshark:wireshark:0.99.2:::::::*
	cpe:2.3:a:wireshark:wireshark:0.99.3:::::::*
	cpe:2.3:a:wireshark:wireshark:0.99.4:::::::*
	cpe:2.3:a:wireshark:wireshark:0.99.5:::::::*
	cpe:2.3:a:wireshark:wireshark:0.99.6:::::::*
	cpe:2.3:a:wireshark:wireshark:0.99.6a:::::::*
	cpe:2.3:a:wireshark:wireshark:0.99.7:::::::*
	cpe:2.3:a:wireshark:wireshark:0.99.8:::::::*
	cpe:2.3:a:wireshark:wireshark:1.0:::::::*
	cpe:2.3:a:wireshark:wireshark:1.0.0:::::::*
	cpe:2.3:a:wireshark:wireshark:1.0.1:::::::*
	cpe:2.3:a:wireshark:wireshark:1.0.2:::::::*
	cpe:2.3:a:wireshark:wireshark:1.0.3:::::::*
	cpe:2.3:a:wireshark:wireshark:1.0.4:::::::*
	cpe:2.3:a:wireshark:wireshark:1.0.5:::::::*
	cpe:2.3:a:wireshark:wireshark:1.0.6:::::::*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
http://secunia.com/advisories/34778
http://secunia.com/advisories/35416	Vendor Advisory
http://wiki.rpath.com/Advisories:rPSA-2009-0062
http://www.securityfocus.com/archive/1/502745/100/0/threaded
http://www.securityfocus.com/bid/34457
http://www.securitytracker.com/id?1022027
http://www.wireshark.org/security/wnpa-sec-2009-02.html	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/49814
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6099

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2009-04-13T16:00:00

Updated: 2018-10-10T18:57:01

Reserved: 2009-04-08T00:00:00

Link: CVE-2009-1267

JSON object: View

NVD Information

Status : Modified

Published: 2009-04-13T16:30:00.313

Modified: 2018-10-10T19:35:39.263

Link: CVE-2009-1267

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-04-09T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.wireshark.org/security/wnpa-sec-2009-02.html"}, {"name": "1022027", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1022027"}, {"name": "wireshark-ldap-home-dos(49814)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49814"}, {"name": "34778", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34778"}, {"name": "SUSE-SR:2009:011", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"}, {"name": "20090417 rPSA-2009-0062-1 tshark wireshark", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/502745/100/0/threaded"}, {"name": "34457", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/34457"}, {"name": "35416", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35416"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0062"}, {"name": "oval:org.mitre.oval:def:6099", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6099"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-1267", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.wireshark.org/security/wnpa-sec-2009-02.html", "refsource": "CONFIRM", "url": "http://www.wireshark.org/security/wnpa-sec-2009-02.html"}, {"name": "1022027", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1022027"}, {"name": "wireshark-ldap-home-dos(49814)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49814"}, {"name": "34778", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34778"}, {"name": "SUSE-SR:2009:011", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"}, {"name": "20090417 rPSA-2009-0062-1 tshark wireshark", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/502745/100/0/threaded"}, {"name": "34457", "refsource": "BID", "url": "http://www.securityfocus.com/bid/34457"}, {"name": "35416", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35416"}, {"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0062", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0062"}, {"name": "oval:org.mitre.oval:def:6099", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6099"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-1267", "datePublished": "2009-04-13T16:00:00", "dateReserved": "2009-04-08T00:00:00", "dateUpdated": "2018-10-10T18:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*", "matchCriteriaId": "31C43A78-E578-4B1C-8E33-24529E973E30", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*", "matchCriteriaId": "A0D56DA6-3EB2-4074-8C43-A5FD93B1555B", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "matchCriteriaId": "D1074B30-F2E6-47CD-8491-29163811E07F", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "matchCriteriaId": "10FAAC5E-DD4E-49EF-A051-2F80BACC20D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "matchCriteriaId": "BB52B779-7A2D-43E0-9F12-C65053002EBC", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:0.99.6a:*:*:*:*:*:*:*", "matchCriteriaId": "6A85B028-7384-403A-817C-B5001F02A8A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*", "matchCriteriaId": "F2F7D104-7498-4C5F-AE75-6F04D5DA35B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*", "matchCriteriaId": "801B1795-3DC4-4BE3-A693-37B6BD116B14", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "17808311-AC2A-428A-BB8B-B08549C5DAEB", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "978C483C-A6F7-456F-9488-833D520D4A1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5BB94CE6-03D3-43C3-B765-AC36961CD83C", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "37FADA30-FD98-42F3-80F1-E8794C77AC76", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "8541E3F7-6DCF-4070-ACB0-C6B9C7BE32D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "90E01A6A-D948-4701-9C4E-F8C3FCC52F2C", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "FCDCD888-3F3D-4ABC-B6D8-4A9E2C40265C", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "CA3F8A55-10DE-4197-9F9D-5F6570A94860", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el analizador de LDAP de Wireshark desde la versi\u00f3n v0.99.2 hasta la v1.0.6, cuando se ejecuta en Windows, permite a usuarios remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del servicio) a trav\u00e9s de vectores de ataque desconocidos."}], "id": "CVE-2009-1267", "lastModified": "2018-10-10T19:35:39.263", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-04-13T16:30:00.313", "references": [{"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/34778"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/35416"}, {"source": "cve@mitre.org", "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0062"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/502745/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/34457"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1022027"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.wireshark.org/security/wnpa-sec-2009-02.html"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49814"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6099"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Not vulnerable. This issue did not affect the versions of wireshark as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.\n", "lastModified": "2009-04-17T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}