CVE-2006-3628
NONE EPSS 92.4%
Published Jul 21, 200619y ago · Modified Jun 16, 20262w ago
Published Jul 21, 2006 19y ago
Last Modified Jun 16, 2026 2w ago
Description
Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissectors.
Threat Intelligence
EPSS Exploit Probability
92.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-134
Affected Products 23
| Vendor | Product | Version | Range |
|---|---|---|---|
| ethereal_group | ethereal | 0.10 | any |
| ethereal_group | ethereal | 0.10.0 | any |
| ethereal_group | ethereal | 0.10.0a | any |
| ethereal_group | ethereal | 0.10.1 | any |
| ethereal_group | ethereal | 0.10.2 | any |
| ethereal_group | ethereal | 0.10.3 | any |
| ethereal_group | ethereal | 0.10.4 | any |
| ethereal_group | ethereal | 0.10.5 | any |
| ethereal_group | ethereal | 0.10.6 | any |
| ethereal_group | ethereal | 0.10.7 | any |
| ethereal_group | ethereal | 0.10.8 | any |
| ethereal_group | ethereal | 0.10.9 | any |
| ethereal_group | ethereal | 0.10.10 | any |
| ethereal_group | ethereal | 0.10.11 | any |
| ethereal_group | ethereal | 0.10.12 | any |
| ethereal_group | ethereal | 0.10.13 | any |
| ethereal_group | ethereal | 0.10.14 | any |
| ethereal_group | ethereal | 0.99.0 | any |
| wireshark | wireshark | 0.10 | any |
| wireshark | wireshark | 0.10.4 | any |
| wireshark | wireshark | 0.10.13 | any |
| wireshark | wireshark | 0.99 | any |
| wireshark | wireshark | 0.99.1 | any |
References 32
- patches.sgi.com ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2006-0602.html
- secunia.com http://secunia.com/advisories/21078
- secunia.com http://secunia.com/advisories/21107
- secunia.com http://secunia.com/advisories/21121
- secunia.com http://secunia.com/advisories/21204
- secunia.com http://secunia.com/advisories/21249
- secunia.com http://secunia.com/advisories/21467
- secunia.com http://secunia.com/advisories/21488
- secunia.com http://secunia.com/advisories/21598
- secunia.com http://secunia.com/advisories/22089
- security.gentoo.org http://security.gentoo.org/glsa/glsa-200607-09.xml
- securitytracker.com http://securitytracker.com/id?1016532
- support.avaya.com http://support.avaya.com/elmodocs2/security/ASA-2006-197.htm
- debian.org http://www.debian.org/security/2006/dsa-1127
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:128
- novell.com http://www.novell.com/linux/security/advisories/2006_20_sr.html
- osvdb.org http://www.osvdb.org/27362
- osvdb.org http://www.osvdb.org/27363
- osvdb.org http://www.osvdb.org/27364
- osvdb.org http://www.osvdb.org/27369
- securityfocus.com http://www.securityfocus.com/archive/1/440576/100/0/threaded
- securityfocus.com http://www.securityfocus.com/bid/19051
- vupen.com http://www.vupen.com/english/advisories/2006/2850
- wireshark.org http://www.wireshark.org/security/wnpa-sec-2006-01.html
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/27822
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/27823
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/27824
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/27825
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/27828
- issues.rpath.com https://issues.rpath.com/browse/RPL-512
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9175
Remediation
- secunia.com http://secunia.com/advisories/21078
- secunia.com http://secunia.com/advisories/21107
- securityfocus.com http://www.securityfocus.com/bid/19051
- wireshark.org http://www.wireshark.org/security/wnpa-sec-2006-01.html