CVE-2006-3632

NameCVE-2006-3632
DescriptionBuffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, web search, more)
ReferencesDSA-1127
NVD severityhigh (attack range: remote)
Debian Bugs378745
Debian/oldoldstablenot vulnerable.
Debian/oldstablenot vulnerable.
Debian/stablenot vulnerable.
Debian/testingnot vulnerable.
Debian/unstablenot vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
wireshark (PTS)squeeze, squeeze (security)1.2.11-6+squeeze14fixed
squeeze (lts)1.8.2-5wheezy16~deb6u1fixed
wheezy (security), wheezy1.8.2-5wheezy16fixed
jessie (security), jessie1.12.1+g01b65bf-4+deb8u3fixed
stretch, sid2.0.1+g59ea380-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
etherealsource(unstable)(unfixed)high378745
etherealsourcesarge0.10.10-2sarge6highDSA-1127
wiresharksource(unstable)0.99.2-1high

Search for package or bug name: Reporting problems