CVE-2006-4333 | Vulnerability Database | Aqua Security

The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows remote attackers to cause a denial of service (resource consumption) via malformed packets that cause the Q.2391 dissector to use excessive memory.

Affected Software

Name	Vendor	Start Version	End Version
Wireshark	Wireshark	0.10.4 (including)	0.10.4 (including)
Wireshark	Wireshark	0.10.13 (including)	0.10.13 (including)
Wireshark	Wireshark	0.99 (including)	0.99 (including)
Wireshark	Wireshark	0.99.1 (including)	0.99.1 (including)
Wireshark	Wireshark	0.99.2 (including)	0.99.2 (including)
Red Hat Enterprise Linux 3	RedHat	wireshark-0:0.99.3-EL3.2	*
Red Hat Enterprise Linux 4	RedHat	wireshark-0:0.99.3-EL4.2	*
Wireshark	Ubuntu	devel	*
Wireshark	Ubuntu	edgy	*
Wireshark	Ubuntu	feisty	*

References

http://secunia.com/advisories/21597
http://secunia.com/advisories/21619
http://secunia.com/advisories/21649
http://secunia.com/advisories/21682
http://secunia.com/advisories/21813
http://secunia.com/advisories/21885
http://secunia.com/advisories/22378
http://security.gentoo.org/glsa/glsa-200608-26.xml
http://securitytracker.com/id?1016736
http://support.avaya.com/elmodocs2/security/ASA-2006-227.htm
http://www.debian.org/security/2006/dsa-1171
http://www.kb.cert.org/vuls/id/696896
http://www.mandriva.com/security/advisories?name=MDKSA-2006:152
http://www.redhat.com/support/errata/RHSA-2006-0658.html
http://www.securityfocus.com/archive/1/444323/100/0/threaded
http://www.securityfocus.com/bid/19690
http://www.vupen.com/english/advisories/2006/3370
http://www.wireshark.org/security/wnpa-sec-2006-02.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/28553
https://exchange.xforce.ibmcloud.com/vulnerabilities/28556
https://issues.rpath.com/browse/RPL-597
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11801

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-4333
CWE	https://cwe.mitre.org/data/definitions/399.html