
Test ID: 1.3.6.1.4.1.25623.1.0.801553
Category: Buffer overflow
Title: Wireshark BER Dissector Stack Consumption Vulnerability - Windows
Summary: Wireshark is prone to a stack consumption vulnerability.
Description:

Summary:
Wireshark is prone to a stack consumption vulnerability.

Vulnerability Insight:
The flaw is due to stack consumption in the 'dissect_ber_unknown()'
function in 'epan/dissectors/packet-ber.c' in the BER dissector, which allows
remote attackers to cause a denial of service (NULL pointer dereference and
crash) via a long string in an unknown 'ASN.1/BER' encoded packet.

Vulnerability Impact:
Successful exploitation will allow attackers to crash the application.

Affected Software/OS:
Wireshark versions 1.4.x before 1.4.1 and 1.2.x before 1.2.12

Solution:
Upgrade to Wireshark 1.4.1 or 1.2.12 or later.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Cross-Reference: Common Vulnerability Exposure (CVE) ID: CVE-2010-3445
20100913 Wireshark 1.4.0 Malformed SNMP V1 Packet Denial of Service
http://archives.neohapsis.com/archives/bugtraq/2010-09/0088.html
42392
http://secunia.com/advisories/42392
42411
http://secunia.com/advisories/42411
42877
http://secunia.com/advisories/42877
43068
http://secunia.com/advisories/43068
43197
http://www.securityfocus.com/bid/43197
43759
http://secunia.com/advisories/43759
43821
http://secunia.com/advisories/43821
ADV-2010-3067
http://www.vupen.com/english/advisories/2010/3067
ADV-2010-3093
http://www.vupen.com/english/advisories/2010/3093
ADV-2011-0076
http://www.vupen.com/english/advisories/2011/0076
ADV-2011-0212
http://www.vupen.com/english/advisories/2011/0212
ADV-2011-0404
http://www.vupen.com/english/advisories/2011/0404
ADV-2011-0626
http://www.vupen.com/english/advisories/2011/0626
ADV-2011-0719
http://www.vupen.com/english/advisories/2011/0719
DSA-2127
http://www.debian.org/security/2010/dsa-2127
FEDORA-2011-2620
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
FEDORA-2011-2632
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
FEDORA-2011-2648
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
MDVSA-2010:200
http://www.mandriva.com/security/advisories?name=MDVSA-2010:200
RHSA-2010:0924
http://www.redhat.com/support/errata/RHSA-2010-0924.html
RHSA-2011:0370
http://www.redhat.com/support/errata/RHSA-2011-0370.html
SUSE-SR:2011:001
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html
SUSE-SR:2011:002
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
VU#215900
http://www.kb.cert.org/vuls/id/215900
[oss-security] 20101001 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark
http://www.openwall.com/lists/oss-security/2010/10/01/10
[oss-security] 20101011 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark
http://www.openwall.com/lists/oss-security/2010/10/12/1
http://blogs.sun.com/security/entry/resource_management_errors_vulnerability_in
http://www.wireshark.org/security/wnpa-sec-2010-12.html
http://xorl.wordpress.com/2010/10/15/cve-2010-3445-wireshark-asn-1-ber-stack-overflow/
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5230
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3445
oval:org.mitre.oval:def:14607
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14607
Copyright: Copyright (C) 2010 Greenbone AG
