Test Kennung:	1.3.6.1.4.1.25623.1.0.811597
Kategorie:	Denial of Service
Titel:	Wireshark 'IrCOMM' And 'MSDP' Dissectors DoS Vulnerabilities - Mac OS X
Zusammenfassung:	Wireshark is prone to multiple denial of service vulnerabilities.
Beschreibung:	Summary: Wireshark is prone to multiple denial of service vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - Missing length validation in 'epan/dissectors/packet-msdp.c' so that the MSDP dissector could go into an infinite loop. - Missing length validation in 'plugins/irda/packet-ircomm.c' so that the IrCOMM dissector could read past the end of a buffer. Vulnerability Impact: Successful exploitation will allow attackers to make Wireshark crash and also consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Affected Software/OS: Wireshark version 2.4.0, 2.2.0 to 2.2.8, 2.0.0 to 2.0.14 on Mac OS X. Solution: Upgrade to Wireshark version 2.4.1 or 2.2.9 or 2.0.15 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-13765 BugTraq ID: 100551 http://www.securityfocus.com/bid/100551 https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html http://www.securitytracker.com/id/1039254 Common Vulnerability Exposure (CVE) ID: CVE-2017-13767 BugTraq ID: 100549 http://www.securityfocus.com/bid/100549
Copyright	Copyright (C) 2017 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.