Denial of Service : Wireshark Multiple Denial of Service Vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.802200

Categoría: Denial of Service

Título: Wireshark Multiple Denial of Service Vulnerabilities - Windows

Resumen: Wireshark is prone to multiple denial of service vulnerabilities.

Descripción: Summary:
Wireshark is prone to multiple denial of service vulnerabilities.

Vulnerability Insight:
- An error in the DICOM dissector can be exploited to cause an infinite loop
when processing certain malformed packets.

- An error when processing a Diameter dictionary file can be exploited to
cause the process to crash.

- An error when processing a snoop file can be exploited to cause the process
to crash.

- An error when processing compressed capture data can be exploited to cause
the process to crash.

- An error when processing a Visual Networks file can be exploited to cause
the process to crash.

Vulnerability Impact:
Successful exploitation will allow remote attackers to cause a denial of
service.

Affected Software/OS:
Wireshark versions 1.2.x before 1.2.17 and 1.4.x before 1.4.7.

Solution:
Upgrade to the Wireshark version 1.2.17 or 1.4.7 or later.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-1957
44449
http://secunia.com/advisories/44449
44958
http://secunia.com/advisories/44958
45149
http://secunia.com/advisories/45149
48066
http://www.securityfocus.com/bid/48066
48947
http://secunia.com/advisories/48947
DSA-2274
http://www.debian.org/security/2011/dsa-2274
FEDORA-2011-7821
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061290.html
FEDORA-2011-7846
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061437.html
FEDORA-2011-7858
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html
[oss-security] 20110531 CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues
http://openwall.com/lists/oss-security/2011/05/31/20
[oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues
http://openwall.com/lists/oss-security/2011/06/01/1
http://openwall.com/lists/oss-security/2011/06/01/11
http://anonsvn.wireshark.org/viewvc?view=revision&revision=36958
http://www.wireshark.org/security/wnpa-sec-2011-07.html
http://www.wireshark.org/security/wnpa-sec-2011-08.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5876
https://bugzilla.redhat.com/show_bug.cgi?id=710021
oval:org.mitre.oval:def:14325
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14325
wireshark-dicom-dos(67790)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67790
Common Vulnerability Exposure (CVE) ID: CVE-2011-1958
RHSA-2013:0125
http://rhn.redhat.com/errata/RHSA-2013-0125.html
https://bugzilla.redhat.com/show_bug.cgi?id=710184
oval:org.mitre.oval:def:15045
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15045
wireshark-diameter-dos(67791)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67791
Common Vulnerability Exposure (CVE) ID: CVE-2011-1959
http://anonsvn.wireshark.org/viewvc?view=revision&revision=37068
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5912
https://bugzilla.redhat.com/show_bug.cgi?id=710039
oval:org.mitre.oval:def:14656
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14656
wireshark-snoop-dos(67792)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67792
Common Vulnerability Exposure (CVE) ID: CVE-2011-2174
http://anonsvn.wireshark.org/viewvc?view=revision&revision=37081
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5908
https://bugzilla.redhat.com/show_bug.cgi?id=710097
oval:org.mitre.oval:def:14777
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14777
wireshark-compressed-packet-dos(67793)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67793
Common Vulnerability Exposure (CVE) ID: CVE-2011-2175
http://anonsvn.wireshark.org/viewvc?view=revision&revision=37128
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5934
https://bugzilla.redhat.com/show_bug.cgi?id=710109
oval:org.mitre.oval:def:14645
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14645

Copyright Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.802200
Categoría:	Denial of Service
Título:	Wireshark Multiple Denial of Service Vulnerabilities - Windows
Resumen:	Wireshark is prone to multiple denial of service vulnerabilities.
Descripción:	Summary: Wireshark is prone to multiple denial of service vulnerabilities. Vulnerability Insight: - An error in the DICOM dissector can be exploited to cause an infinite loop when processing certain malformed packets. - An error when processing a Diameter dictionary file can be exploited to cause the process to crash. - An error when processing a snoop file can be exploited to cause the process to crash. - An error when processing compressed capture data can be exploited to cause the process to crash. - An error when processing a Visual Networks file can be exploited to cause the process to crash. Vulnerability Impact: Successful exploitation will allow remote attackers to cause a denial of service. Affected Software/OS: Wireshark versions 1.2.x before 1.2.17 and 1.4.x before 1.4.7. Solution: Upgrade to the Wireshark version 1.2.17 or 1.4.7 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1957 44449 http://secunia.com/advisories/44449 44958 http://secunia.com/advisories/44958 45149 http://secunia.com/advisories/45149 48066 http://www.securityfocus.com/bid/48066 48947 http://secunia.com/advisories/48947 DSA-2274 http://www.debian.org/security/2011/dsa-2274 FEDORA-2011-7821 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061290.html FEDORA-2011-7846 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061437.html FEDORA-2011-7858 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html [oss-security] 20110531 CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues http://openwall.com/lists/oss-security/2011/05/31/20 [oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues http://openwall.com/lists/oss-security/2011/06/01/1 http://openwall.com/lists/oss-security/2011/06/01/11 http://anonsvn.wireshark.org/viewvc?view=revision&revision=36958 http://www.wireshark.org/security/wnpa-sec-2011-07.html http://www.wireshark.org/security/wnpa-sec-2011-08.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5876 https://bugzilla.redhat.com/show_bug.cgi?id=710021 oval:org.mitre.oval:def:14325 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14325 wireshark-dicom-dos(67790) https://exchange.xforce.ibmcloud.com/vulnerabilities/67790 Common Vulnerability Exposure (CVE) ID: CVE-2011-1958 RHSA-2013:0125 http://rhn.redhat.com/errata/RHSA-2013-0125.html https://bugzilla.redhat.com/show_bug.cgi?id=710184 oval:org.mitre.oval:def:15045 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15045 wireshark-diameter-dos(67791) https://exchange.xforce.ibmcloud.com/vulnerabilities/67791 Common Vulnerability Exposure (CVE) ID: CVE-2011-1959 http://anonsvn.wireshark.org/viewvc?view=revision&revision=37068 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5912 https://bugzilla.redhat.com/show_bug.cgi?id=710039 oval:org.mitre.oval:def:14656 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14656 wireshark-snoop-dos(67792) https://exchange.xforce.ibmcloud.com/vulnerabilities/67792 Common Vulnerability Exposure (CVE) ID: CVE-2011-2174 http://anonsvn.wireshark.org/viewvc?view=revision&revision=37081 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5908 https://bugzilla.redhat.com/show_bug.cgi?id=710097 oval:org.mitre.oval:def:14777 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14777 wireshark-compressed-packet-dos(67793) https://exchange.xforce.ibmcloud.com/vulnerabilities/67793 Common Vulnerability Exposure (CVE) ID: CVE-2011-2175 http://anonsvn.wireshark.org/viewvc?view=revision&revision=37128 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5934 https://bugzilla.redhat.com/show_bug.cgi?id=710109 oval:org.mitre.oval:def:14645 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14645
Copyright	Copyright (C) 2011 Greenbone AG