// For flags

CVE-2006-3628

rPSA-2006-0132-1.txt

Severity Score

9.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissectors.

Múltiples vulnerabilidades de formato de cadena en Wireshark (atmbién conocido como Ethereal) 0.10.x a 0.99.0 permite a atacantes remotos provocar denegación de servicio y posiblemente ejecutar código de su eleccción a través de los disectores (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, y (5) NTP.

All versions of the ethereal and tethereal packages contain vulnerabilities in packet dissector modules, which may allow various attacks including subverting the user who is running ethereal. Since ethereal is generally run as root to view network traffic directly, this may allow complete access to the vulnerable system.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2006-07-17 CVE Reserved
  • 2006-07-18 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-134: Use of Externally-Controlled Format String
CAPEC
References (34)
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Ethereal Group
Search vendor "Ethereal Group"
Ethereal
Search vendor "Ethereal Group" for product "Ethereal"
0.10
Search vendor "Ethereal Group" for product "Ethereal" and version "0.10"
-
Affected
Ethereal Group
Search vendor "Ethereal Group"
Ethereal
Search vendor "Ethereal Group" for product "Ethereal"
0.10.0
Search vendor "Ethereal Group" for product "Ethereal" and version "0.10.0"
-
Affected
Ethereal Group
Search vendor "Ethereal Group"
Ethereal
Search vendor "Ethereal Group" for product "Ethereal"
0.10.0a
Search vendor "Ethereal Group" for product "Ethereal" and version "0.10.0a"
-
Affected
Ethereal Group
Search vendor "Ethereal Group"
Ethereal
Search vendor "Ethereal Group" for product "Ethereal"
0.10.1
Search vendor "Ethereal Group" for product "Ethereal" and version "0.10.1"
-
Affected
Ethereal Group
Search vendor "Ethereal Group"
Ethereal
Search vendor "Ethereal Group" for product "Ethereal"
0.10.2
Search vendor "Ethereal Group" for product "Ethereal" and version "0.10.2"
-
Affected
Ethereal Group
Search vendor "Ethereal Group"
Ethereal
Search vendor "Ethereal Group" for product "Ethereal"
0.10.3
Search vendor "Ethereal Group" for product "Ethereal" and version "0.10.3"
-
Affected
Ethereal Group
Search vendor "Ethereal Group"
Ethereal
Search vendor "Ethereal Group" for product "Ethereal"
0.10.4
Search vendor "Ethereal Group" for product "Ethereal" and version "0.10.4"
-
Affected
Ethereal Group
Search vendor "Ethereal Group"
Ethereal
Search vendor "Ethereal Group" for product "Ethereal"
0.10.5
Search vendor "Ethereal Group" for product "Ethereal" and version "0.10.5"
-
Affected
Ethereal Group
Search vendor "Ethereal Group"
Ethereal
Search vendor "Ethereal Group" for product "Ethereal"
0.10.6
Search vendor "Ethereal Group" for product "Ethereal" and version "0.10.6"
-
Affected
Ethereal Group
Search vendor "Ethereal Group"
Ethereal
Search vendor "Ethereal Group" for product "Ethereal"
0.10.7
Search vendor "Ethereal Group" for product "Ethereal" and version "0.10.7"
-
Affected
Ethereal Group
Search vendor "Ethereal Group"
Ethereal
Search vendor "Ethereal Group" for product "Ethereal"
0.10.8
Search vendor "Ethereal Group" for product "Ethereal" and version "0.10.8"
-
Affected
Ethereal Group
Search vendor "Ethereal Group"
Ethereal
Search vendor "Ethereal Group" for product "Ethereal"
0.10.9
Search vendor "Ethereal Group" for product "Ethereal" and version "0.10.9"
-
Affected
Ethereal Group
Search vendor "Ethereal Group"
Ethereal
Search vendor "Ethereal Group" for product "Ethereal"
0.10.10
Search vendor "Ethereal Group" for product "Ethereal" and version "0.10.10"
-
Affected
Ethereal Group
Search vendor "Ethereal Group"
Ethereal
Search vendor "Ethereal Group" for product "Ethereal"
0.10.11
Search vendor "Ethereal Group" for product "Ethereal" and version "0.10.11"
-
Affected
Ethereal Group
Search vendor "Ethereal Group"
Ethereal
Search vendor "Ethereal Group" for product "Ethereal"
0.10.12
Search vendor "Ethereal Group" for product "Ethereal" and version "0.10.12"
-
Affected
Ethereal Group
Search vendor "Ethereal Group"
Ethereal
Search vendor "Ethereal Group" for product "Ethereal"
0.10.13
Search vendor "Ethereal Group" for product "Ethereal" and version "0.10.13"
-
Affected
Ethereal Group
Search vendor "Ethereal Group"
Ethereal
Search vendor "Ethereal Group" for product "Ethereal"
0.10.14
Search vendor "Ethereal Group" for product "Ethereal" and version "0.10.14"
-
Affected
Ethereal Group
Search vendor "Ethereal Group"
Ethereal
Search vendor "Ethereal Group" for product "Ethereal"
0.99.0
Search vendor "Ethereal Group" for product "Ethereal" and version "0.99.0"
-
Affected
Wireshark
Search vendor "Wireshark"
Wireshark
Search vendor "Wireshark" for product "Wireshark"
0.10
Search vendor "Wireshark" for product "Wireshark" and version "0.10"
-
Affected
Wireshark
Search vendor "Wireshark"
Wireshark
Search vendor "Wireshark" for product "Wireshark"
0.10.4
Search vendor "Wireshark" for product "Wireshark" and version "0.10.4"
-
Affected
Wireshark
Search vendor "Wireshark"
Wireshark
Search vendor "Wireshark" for product "Wireshark"
0.10.13
Search vendor "Wireshark" for product "Wireshark" and version "0.10.13"
-
Affected
Wireshark
Search vendor "Wireshark"
Wireshark
Search vendor "Wireshark" for product "Wireshark"
0.99
Search vendor "Wireshark" for product "Wireshark" and version "0.99"
-
Affected
Wireshark
Search vendor "Wireshark"
Wireshark
Search vendor "Wireshark" for product "Wireshark"
0.99.1
Search vendor "Wireshark" for product "Wireshark" and version "0.99.1"
-
Affected