CVE-2009-3241 | Vulnerability Database | Aqua Security

Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets.

Affected Software

Name	Vendor	Start Version	End Version
Wireshark	Wireshark	0.99.6	0.99.6
Wireshark	Wireshark	0.99.6a	0.99.6a
Wireshark	Wireshark	0.99.7	0.99.7
Wireshark	Wireshark	0.99.8	0.99.8
Wireshark	Wireshark	0.99.9	0.99.9
Wireshark	Wireshark	1.0	1.0
Wireshark	Wireshark	1.0.0	1.0.0
Wireshark	Wireshark	1.0.1	1.0.1
Wireshark	Wireshark	1.0.2	1.0.2
Wireshark	Wireshark	1.0.3	1.0.3
Wireshark	Wireshark	1.0.4	1.0.4
Wireshark	Wireshark	1.0.5	1.0.5
Wireshark	Wireshark	1.0.6	1.0.6
Wireshark	Wireshark	1.0.7	1.0.7
Wireshark	Wireshark	1.0.8	1.0.8
Wireshark	Wireshark	1.2	1.2
Wireshark	Wireshark	1.2.0	1.2.0
Wireshark	Wireshark	1.2.1	1.2.1

References

http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
http://secunia.com/advisories/36754
http://secunia.com/advisories/37409
http://secunia.com/advisories/37477
http://www.debian.org/security/2009/dsa-1942
http://www.securityfocus.com/bid/36408
http://www.wireshark.org/docs/relnotes/wireshark-1.0.9.html
http://www.wireshark.org/docs/relnotes/wireshark-1.2.2.html
http://www.wireshark.org/security/wnpa-sec-2009-05.html
http://www.wireshark.org/security/wnpa-sec-2009-06.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3986
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6162

NVD	https://nvd.nist.gov/vuln/detail/CVE-2009-3241
CWE	https://cwe.mitre.org/data/definitions/.html