Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.807579
Kategorie:Denial of Service
Titel:Wireshark Multiple Denial of Service Vulnerabilities -02 May16 (Mac OS X)
Zusammenfassung:Wireshark is prone to multiple denial of service vulnerabilities.
Beschreibung:Summary:
Wireshark is prone to multiple denial of service vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- 'epan/proto.c' script does not limit the protocol-tree depth.

- The IEEE 802.11 dissector does not properly restrict element lists.

- 'epan/dissectors/packet-pktc.c' script in the PKTC dissector does not
verify BER identifiers.

- 'epan/dissectors/packet-pktc.c' script in the PKTC dissector misparses
timestamp fields.

- An incorrect integer data type usage by 'epan/dissectors/packet-iax2.c'
script in the IAX2 dissector.

- An incorrect array indexing by 'epan/dissectors/packet-gsm_cbch.c' script
in the GSM CBCH dissector.

Vulnerability Impact:
Successful exploitation will allow remote
attackers to conduct denial of service attack.

Affected Software/OS:
Wireshark version 1.12.x before 1.12.11
and 2.0.x before 2.0.3 on Mac OS X

Solution:
Upgrade to Wireshark version 1.12.11 or
or 2.0.3 or later.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-4006
Debian Security Information: DSA-3585 (Google Search)
http://www.debian.org/security/2016/dsa-3585
http://www.securitytracker.com/id/1035685
Common Vulnerability Exposure (CVE) ID: CVE-2016-4078
Common Vulnerability Exposure (CVE) ID: CVE-2016-4079
Common Vulnerability Exposure (CVE) ID: CVE-2016-4080
Common Vulnerability Exposure (CVE) ID: CVE-2016-4081
Common Vulnerability Exposure (CVE) ID: CVE-2016-4082
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.