Denial of Service : Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15 DoS Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.113444

Categoría: Denial of Service

Título: Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15 DoS Vulnerability - Windows

Resumen: Wireshark is prone to a denial of service (DoS); vulnerability.

Descripción: Summary:
Wireshark is prone to a denial of service (DoS)
vulnerability.

Vulnerability Insight:
If an attacker injects a malformed packet onto the wire or
convinces someone to read a malformed packet trace file, the ASN.1 BER and related dissectors
could crash.

Vulnerability Impact:
Successful exploitation would allow an attacker to crash the
Wireshark application.

Affected Software/OS:
Wireshark versions 2.4.0 through 2.4.15, 2.6.0 through 2.6.9
and 3.0.0 through 3.0.2.

Solution:
Update to version 2.4.16, 2.6.10 or 3.0.3 respectively.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-13619
BugTraq ID: 109293
http://www.securityfocus.com/bid/109293
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q4QVJALLGVVC7MBUT4B4SHQVDXGJKGI7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JY52XAC2UNC4X4ZPIXYMK5SVXV2PO5I3/
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15870
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=7e90aed666e809c0db5de9d1816802a7dcea28d9
https://www.wireshark.org/security/wnpa-sec-2019-20.html
https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html
SuSE Security Announcement: openSUSE-SU-2019:1965 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00068.html
SuSE Security Announcement: openSUSE-SU-2020:0362 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html
https://usn.ubuntu.com/4133-1/

Copyright Copyright (C) 2019 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.113444
Categoría:	Denial of Service
Título:	Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15 DoS Vulnerability - Windows
Resumen:	Wireshark is prone to a denial of service (DoS); vulnerability.
Descripción:	Summary: Wireshark is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: If an attacker injects a malformed packet onto the wire or convinces someone to read a malformed packet trace file, the ASN.1 BER and related dissectors could crash. Vulnerability Impact: Successful exploitation would allow an attacker to crash the Wireshark application. Affected Software/OS: Wireshark versions 2.4.0 through 2.4.15, 2.6.0 through 2.6.9 and 3.0.0 through 3.0.2. Solution: Update to version 2.4.16, 2.6.10 or 3.0.3 respectively. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-13619 BugTraq ID: 109293 http://www.securityfocus.com/bid/109293 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q4QVJALLGVVC7MBUT4B4SHQVDXGJKGI7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JY52XAC2UNC4X4ZPIXYMK5SVXV2PO5I3/ https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15870 https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=7e90aed666e809c0db5de9d1816802a7dcea28d9 https://www.wireshark.org/security/wnpa-sec-2019-20.html https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html SuSE Security Announcement: openSUSE-SU-2019:1965 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00068.html SuSE Security Announcement: openSUSE-SU-2020:0362 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html https://usn.ubuntu.com/4133-1/
Copyright	Copyright (C) 2019 Greenbone AG