CVE-2007-6112
wireshark ppp flaws
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
Desbordamiento de buffer en el PPP dissector Wireshark (formalmente Ethereal) que permite que atacantes remotos provoquen una denegación de servicio (por caída), y que posiblmente ejecuten código de su elección a través de vectores desconocidos.
Multiple buffer overflows and infinite loops were discovered in multiple dissector and parser components, including those for MP3 and NCP (CVE-2007-6111), PPP (CVE-2007-6112), DNP (CVE-2007-6113), SSL and iSeries (OS/400) Communication traces (CVE-2007-6114), ANSI MAP (CVE-2007-6115), Firebird/Interbase (CVE-2007-6116), HTTP (CVE-2007-6117), MEGACO (CVE-2007-6118), DCP ETSI (CVE-2007-6119), Bluetooth SDP (CVE-2007-6120), RPC Portmap (CVE-2007-6121), SMB (CVE-2007-6438), IPv6 amd USB (CVE-2007-6439), WiMAX (CVE-2007-6441), RPL (CVE-2007-6450), CIP (CVE-2007-6451). The vulnerabilities were discovered by Stefan Esser, Beyond Security, Fabiodds, Peter Leeming, Steve and ainsley. Versions less than 0.99.7 are affected.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-11-23 CVE Reserved
- 2007-11-23 CVE Published
- 2024-08-07 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (27)
| URL | Tag | Source |
|---|---|---|
| http://bugs.gentoo.org/show_bug.cgi?id=199958 | X_refsource_misc | |
| http://secunia.com/advisories/28207 | Third Party Advisory | |
| http://secunia.com/advisories/28325 | Third Party Advisory | |
| http://secunia.com/advisories/28564 | Third Party Advisory | |
| http://secunia.com/advisories/29048 | Third Party Advisory | |
| http://securitytracker.com/id?1018988 | Vdb Entry | |
| http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004 | X_refsource_confirm | |
| http://www.securityfocus.com/archive/1/485792/100/0/threaded | Mailing List | |
| http://www.vupen.com/english/advisories/2007/3956 | Vdb Entry | |
| https://issues.rpath.com/browse/RPL-1975 | X_refsource_confirm | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14561 | Signature | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9772 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.securityfocus.com/bid/26532 | 2018-10-15 | |
| http://www.wireshark.org/security/wnpa-sec-2007-03.html | 2018-10-15 |