Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.805394 |
Kategorie: | Denial of Service |
Titel: | Wireshark Multiple Denial-of-Service Vulnerabilities-01 June15 (Mac OS X) |
Zusammenfassung: | This host is installed with Wireshark; and is prone to multiple denial of service vulnerabilities. |
Beschreibung: | Summary: This host is installed with Wireshark and is prone to multiple denial of service vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - The 'logcat_dump_text' function in 'wiretap/logcat.c' in the Android Logcat file parser does not properly handle a lack of \0 termination. - The 'detect_version' function in 'wiretap/logcat.c' in the Android Logcat file parser does not check the length of the payload. - The 'fragment_add_work' function in 'epan/reassemble.c' in the packet-reassembly feature does not properly determine the defragmentation state in a case of an insufficient snapshot length. - 'epan/dissectors/packet-websocket.c' in the WebSocket dissector uses a recursive algorithm, which can result in a consumption of CPU resources. - The 'dissect_lbmr_pser' function in 'epan/dissectors/packet-lbmr.c' in the LBMR dissector does not properly track the current offset and does not reject a zero length. Vulnerability Impact: Successful exploitation will allow remote attackers to conduct denial of service attack. Affected Software/OS: Wireshark version 1.12.x before 1.12.5 on Mac OS X Solution: Upgrade to version 1.12.5 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C |
Querverweis: |
BugTraq ID: 74837 BugTraq ID: 74630 BugTraq ID: 74629 BugTraq ID: 74633 BugTraq ID: 74632 BugTraq ID: 74628 Common Vulnerability Exposure (CVE) ID: CVE-2015-3906 http://www.securityfocus.com/bid/74837 https://security.gentoo.org/glsa/201510-03 Common Vulnerability Exposure (CVE) ID: CVE-2015-3815 http://www.securityfocus.com/bid/74630 Debian Security Information: DSA-3277 (Google Search) http://www.debian.org/security/2015/dsa-3277 https://blog.fuzzing-project.org/11-Read-heap-overflow-invalid-memory-access-in-Wireshark-TFPA-0072015.html Common Vulnerability Exposure (CVE) ID: CVE-2015-3813 http://www.securityfocus.com/bid/74633 RedHat Security Advisories: RHSA-2017:0631 http://rhn.redhat.com/errata/RHSA-2017-0631.html Common Vulnerability Exposure (CVE) ID: CVE-2015-3810 http://www.securityfocus.com/bid/74629 Common Vulnerability Exposure (CVE) ID: CVE-2015-3809 http://www.securityfocus.com/bid/74632 Common Vulnerability Exposure (CVE) ID: CVE-2015-3808 http://www.securityfocus.com/bid/74628 |
Copyright | Copyright (C) 2015 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |