CVE-2009-4377

EPSS 1.5%

wireshark - several vulnerabilities

Published: 12/21/2009Modified: 4/28/2026

Description

The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap.

Affected packages (2)

Debian/wiresharkfrom 0, < 1.2.5-1
Debian/wiresharkfrom 0, < 1.0.2-3+lenny8

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-4377