CVE-2008-4684

Publication date 22 October 2008

Last updated 24 July 2024

packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post dissector.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
wireshark	8.10 intrepid	Fixed 1.0.3-1ubuntu2.2
	8.04 LTS hardy	Fixed 1.0.0-1ubuntu0.2
	7.10 gutsy	Fixed 0.99.6rel-3ubuntu0.4
	6.06 LTS dapper	Not in release

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2008-4684