Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.810700
Kategorie:Denial of Service
Titel:Wireshark 'STANAG 4607' Capture File Denial of Service Vulnerability (Mac OS X)
Zusammenfassung:This host is installed with Wireshark; and is prone to denial of service vulnerability.
Beschreibung:Summary:
This host is installed with Wireshark
and is prone to denial of service vulnerability.

Vulnerability Insight:
The flaw is due to a crafted or
malformed STANAG 4607 capture file will cause an infinite loop and memory
exhaustion. If the packet size field in a packet header is null, the offset
to read from will not advance, causing continuous attempts to read the same
zero length packet. This will quickly exhaust all system memory.

Vulnerability Impact:
Successful exploitation will allow remote
attackers to cause the application to enter an infinite loop and consume
excessive CPU resources, resulting in denial-of-service conditions.

Affected Software/OS:
Wireshark versions 2.2.4 and prior
on Mac OS X

Solution:
Update to Wireshark 2.2.5 or later.

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2017-6014
BugTraq ID: 96284
http://www.securityfocus.com/bid/96284
Debian Security Information: DSA-3811 (Google Search)
http://www.debian.org/security/2017/dsa-3811
https://security.gentoo.org/glsa/201706-12
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.