Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.902197
Kategorie:Denial of Service
Titel:Wireshark SMB PIPE Dissector Denial of Service Vulnerability (Windows)
Zusammenfassung:This host is installed with Wireshark and is prone to Denial of; Service vulnerability.
Beschreibung:Summary:
This host is installed with Wireshark and is prone to Denial of
Service vulnerability.

Vulnerability Insight:
The flaw is caused by a NULL pointer dereference error in the 'SMB PIPE'
dissector, which could be exploited to crash an affected application via
unknown vectors.

Vulnerability Impact:
Successful exploitation will allow the attackers to crash an affected
application.

Affected Software/OS:
Wireshark version 0.8.20 to 1.0.13 and 1.2.0 to 1.2.8

Solution:
Upgrade to Wireshark version 1.0.14 or 1.2.9:

CVSS Score:
3.3

CVSS Vector:
AV:A/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2010-2285
BugTraq ID: 40728
http://www.securityfocus.com/bid/40728
http://www.mandriva.com/security/advisories?name=MDVSA-2010:113
http://www.openwall.com/lists/oss-security/2010/06/11/1
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11488
http://secunia.com/advisories/40112
http://secunia.com/advisories/42877
http://secunia.com/advisories/43068
SuSE Security Announcement: SUSE-SR:2011:001 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html
SuSE Security Announcement: SUSE-SR:2011:002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://www.vupen.com/english/advisories/2010/1418
http://www.vupen.com/english/advisories/2011/0076
http://www.vupen.com/english/advisories/2011/0212
CopyrightCopyright (C) 2010 SecPod

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.