Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2006-4574

Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger an assertion error related to unexpected length values.

Related bugs and status

CVE-2006-4574 (Candidate) is related to these bugs:

Bug #132915: WireShark versions prior to 0.99.6 vulnerability

		In	Importance	Status
132915	WireShark versions prior to 0.99.6 vulnerability	wireshark (Ubuntu)	High	Fix Released
132915	WireShark versions prior to 0.99.6 vulnerability	wireshark (Ubuntu Edgy)	High	Fix Released
132915	WireShark versions prior to 0.99.6 vulnerability	wireshark (Ubuntu Feisty)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://securitytracker...
MISC: http://www.securityfoc...
MISC: ftp://patches.sgi.com/...
MISC: http://www.securityfoc...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.vupen.com/e...
MISC: http://www.us.debian.o...
MISC: http://www.mandriva.co...
MISC: http://www.redhat.com/...
MISC: http://www.novell.com/...
MISC: http://support.avaya.c...
MISC: http://www.wireshark.o...
MISC: https://issues.rpath.c...
MISC: https://oval.cisecurit...
MISC: https://exchange.xforc...