General : Wireshark Multiple Vulnerabilities(01)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.802945

Categoría: General

Título: Wireshark Multiple Vulnerabilities(01) - August 2012 (Windows)

Resumen: This host is installed with Wireshark and is prone to multiple; vulnerabilities.

Descripción: Summary:
This host is installed with Wireshark and is prone to multiple
vulnerabilities.

Vulnerability Insight:
The flaws are due to

- An error within the pcap-ng file parser, Ixia IxVeriWave file parser and
ERF dissector can be exploited to cause a buffer overflow.

- An error within the MongoDB dissector can be exploited to trigger an
infinite loop and consume excessive CPU resources.

Vulnerability Impact:
Successful exploitation will allow remote attackers to execute arbitrary code
in the context of the application, crash affected application or to consume
excessive CPU resources.

Affected Software/OS:
Wireshark 1.8.x before 1.8.2 on Windows

Solution:
Upgrade to the Wireshark version 1.8.2 or later.

CVSS Score:
5.8

CVSS Vector:
AV:A/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: BugTraq ID: 55035
Common Vulnerability Exposure (CVE) ID: CVE-2012-4298
http://www.securityfocus.com/bid/55035
http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15777
http://secunia.com/advisories/50276
http://secunia.com/advisories/51363
http://secunia.com/advisories/54425
SuSE Security Announcement: openSUSE-SU-2012:1067 (Google Search)
https://hermes.opensuse.org/messages/15514562
Common Vulnerability Exposure (CVE) ID: CVE-2012-4295
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15718
Common Vulnerability Exposure (CVE) ID: CVE-2012-4294
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15673
Common Vulnerability Exposure (CVE) ID: CVE-2012-4287
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15818
Common Vulnerability Exposure (CVE) ID: CVE-2012-4286
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15693

Copyright Copyright (C) 2012 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.802945
Categoría:	General
Título:	Wireshark Multiple Vulnerabilities(01) - August 2012 (Windows)
Resumen:	This host is installed with Wireshark and is prone to multiple; vulnerabilities.
Descripción:	Summary: This host is installed with Wireshark and is prone to multiple vulnerabilities. Vulnerability Insight: The flaws are due to - An error within the pcap-ng file parser, Ixia IxVeriWave file parser and ERF dissector can be exploited to cause a buffer overflow. - An error within the MongoDB dissector can be exploited to trigger an infinite loop and consume excessive CPU resources. Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary code in the context of the application, crash affected application or to consume excessive CPU resources. Affected Software/OS: Wireshark 1.8.x before 1.8.2 on Windows Solution: Upgrade to the Wireshark version 1.8.2 or later. CVSS Score: 5.8 CVSS Vector: AV:A/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	BugTraq ID: 55035 Common Vulnerability Exposure (CVE) ID: CVE-2012-4298 http://www.securityfocus.com/bid/55035 http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15777 http://secunia.com/advisories/50276 http://secunia.com/advisories/51363 http://secunia.com/advisories/54425 SuSE Security Announcement: openSUSE-SU-2012:1067 (Google Search) https://hermes.opensuse.org/messages/15514562 Common Vulnerability Exposure (CVE) ID: CVE-2012-4295 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15718 Common Vulnerability Exposure (CVE) ID: CVE-2012-4294 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15673 Common Vulnerability Exposure (CVE) ID: CVE-2012-4287 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15818 Common Vulnerability Exposure (CVE) ID: CVE-2012-4286 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15693
Copyright	Copyright (C) 2012 Greenbone Networks GmbH