ID de Prueba:	1.3.6.1.4.1.25623.1.0.801036
Categoría:	Denial of Service
Título:	Wireshark 'wiretap/erf.c' Unsigned Integer Wrap Vulnerability (Nov 2009) - Windows
Resumen:	Wireshark is prone to unsigned integer wrap vulnerability.
Descripción:	Summary: Wireshark is prone to unsigned integer wrap vulnerability. Vulnerability Insight: The flaw exists due to an integer overflow error in 'wiretap/erf.c' when processing an 'erf' file causes Wireshark to allocate a very large buffer. Vulnerability Impact: Successful remote exploitation will let the attacker execute arbitrary code or cause a Denial of Service. Affected Software/OS: Wireshark version prior to 1.2.2 on Windows. Solution: Upgrade to Wireshark 1.2.2. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3829 CERT/CC vulnerability note: VU#676492 http://www.kb.cert.org/vuls/id/676492 Debian Security Information: DSA-1942 (Google Search) http://www.debian.org/security/2009/dsa-1942 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5979 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9945 http://secunia.com/advisories/37409 http://secunia.com/advisories/37477
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.