Vulnerability Name: CVE-2007-6113 (CCN-38739) Assigned: 2007-11-22 Published: 2007-11-22 Updated: 2018-10-15 Summary: Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet. CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): Low
CVSS v2 Severity: 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P 3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): Partial
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P 3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): Partial
Vulnerability Type: CWE-189 Vulnerability Consequences: Denial of Service References: Source: MISChttp://bugs.gentoo.org/show_bug.cgi?id=199958 CVE-2007-6113 SUSE-SR:2008:004 Moderate: wireshark security update Moderate: wireshark security update Wireshark Multiple Denial of Service Vulnerabilities 27777 28197 28207 28288 28304 28325 28564 28583 29048 GLSA-200712-23 3095 Wireshark DNP3 Dissector Bug Lets Remote Users Deny Service Wireshark Wireshark MP3, DNP, SSL, ANSI MAP, Firebird/Interbase, NCP, HTTP, MEGACO, DCP ETSI, OS/400, PPP, Bluetooth SDP, and RPC Portmap Bugs Let Remote Users Deny Service 1018988 wireshark security update (RHSA-2008-0059) wireshark security update (RHSA-2008-0058) http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004 Wireshark: Multiple vulnerabilities MDVSA-2008:001 MDVSA-2008:1 RHSA-2008:0058 RHSA-2008:0059 http://www.securiteam.com/securitynews/5LP0V00MAI.html 20070904 Wireshark DNP3 Dissector Infinite Loop Vulnerability 20080103 rPSA-2008-0004-1 tshark wireshark 26532 Wireshark 0.99.6 Multiple Remote Vulnerabilities 1018635 ADV-2007-3956 Wireshark: Download Multiple problems in Wireshark® (formerly Ethereal®) versions 0.8.16 to 0.99.5 http://www.wireshark.org/security/wnpa-sec-2007-03.html wireshark-dnp3-dos(36392) wireshark-dnp-dos(38739) https://issues.rpath.com/browse/RPL-1975 oval:org.mitre.oval:def:9841 4347 FEDORA-2007-4590 FEDORA-2007-4690 SUSE Security Summary Report Vulnerable Configuration: Configuration 1 :cpe:/a:wireshark:wireshark:0.6:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.7.9:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.8.16:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.8.19:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.8.20:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.9.2:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.9.5:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.9.6:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.9.7:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.9.8:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.9.10:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.9.14:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.9.15:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.10.2:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.10.3:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.10.4:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.10.5:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.10.6:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.10.7:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.10.8:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.10.9:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.10.12:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.10.13:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.10.14:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.99:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.99.0:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:* OR cpe:/a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:* Configuration RedHat 1 :cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:* Configuration RedHat 2 :cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:* Configuration RedHat 3 :cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:* Configuration RedHat 4 :cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:* Configuration RedHat 5 :cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:* Configuration RedHat 6 :cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:* Configuration RedHat 7 :cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:* Configuration RedHat 8 :cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:* Configuration RedHat 9 :cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:* Oval Definitions BACK
wireshark wireshark 0.6
wireshark wireshark 0.7.9
wireshark wireshark 0.8.16
wireshark wireshark 0.8.19
wireshark wireshark 0.8.20
wireshark wireshark 0.9.2
wireshark wireshark 0.9.5
wireshark wireshark 0.9.6
wireshark wireshark 0.9.7
wireshark wireshark 0.9.8
wireshark wireshark 0.9.10
wireshark wireshark 0.9.14
wireshark wireshark 0.9.15
wireshark wireshark 0.10.2
wireshark wireshark 0.10.3
wireshark wireshark 0.10.4
wireshark wireshark 0.10.5
wireshark wireshark 0.10.6
wireshark wireshark 0.10.7
wireshark wireshark 0.10.8
wireshark wireshark 0.10.9
wireshark wireshark 0.10.12
wireshark wireshark 0.10.13
wireshark wireshark 0.10.14
wireshark wireshark 0.99
wireshark wireshark 0.99.0
wireshark wireshark 0.99.1
wireshark wireshark 0.99.2
wireshark wireshark 0.99.3
wireshark wireshark 0.99.4
wireshark wireshark 0.99.5
wireshark wireshark 0.99.6
Denotes that component is vulnerable