Unrated severityNVD Advisory· Published Jul 16, 2008· Updated Apr 23, 2026
CVE-2008-3145
CVE-2008-3145
Description
The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read.
Affected products
14cpe:2.3:a:wireshark:wireshark:0.8.19:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:a:wireshark:wireshark:0.8.19:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:0.99.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:0.99.6a:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
27- secunia.com/advisories/31044nvdPatchVendor Advisory
- secunia.com/advisories/31085nvdVendor Advisory
- anonsvn.wireshark.org/viewvc/index.pynvd
- lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.htmlnvd
- secunia.com/advisories/31257nvd
- secunia.com/advisories/31378nvd
- secunia.com/advisories/31687nvd
- secunia.com/advisories/32091nvd
- secunia.com/advisories/32944nvd
- security.gentoo.org/glsa/glsa-200808-04.xmlnvd
- securitytracker.com/idnvd
- support.avaya.com/elmodocs2/security/ASA-2008-392.htmnvd
- wiki.rpath.com/wiki/Advisories:rPSA-2008-0237nvd
- www.debian.org/security/2008/dsa-1673nvd
- www.mandriva.com/security/advisoriesnvd
- www.redhat.com/support/errata/RHSA-2008-0890.htmlnvd
- www.securityfocus.com/archive/1/494859/100/0/threadednvd
- www.securityfocus.com/bid/30181nvd
- www.vupen.com/english/advisories/2008/2057/referencesnvd
- www.vupen.com/english/advisories/2008/2773nvd
- www.wireshark.org/security/wnpa-sec-2008-04.htmlnvd
- bugs.wireshark.org/bugzilla/show_bug.cginvd
- bugzilla.redhat.com/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/43719nvd
- issues.rpath.com/browse/RPL-2684nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9020nvd
- www.redhat.com/archives/fedora-package-announce/2008-July/msg00544.htmlnvd
News mentions
0No linked articles in our index yet.