Denial of Service : Wireshark Multiple Denial of Service Vulnerabilities (Jul 2012)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.802907

Categoría: Denial of Service

Título: Wireshark Multiple Denial of Service Vulnerabilities (Jul 2012) - Windows

Resumen: Wireshark is prone to multiple denial of service vulnerabilities.

Descripción: Summary:
Wireshark is prone to multiple denial of service vulnerabilities.

Vulnerability Insight:
- Errors in the ANSI MAP, ASF, BACapp, Bluetooth HCI, IEEE 802.11,
IEEE 802.3, LTP, and R3 dissectors can be exploited to cause infinite loops
via specially crafted packets.

- An error in the DIAMETER dissector does not properly allocate memory and
can be exploited to cause a crash via a specially crafted packet.

Vulnerability Impact:
Successful exploitation will allow remote attackers to cause a denial of
service.

Affected Software/OS:
Wireshark versions 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on Windows

Solution:
Upgrade to the Wireshark version 1.4.13, 1.6.8 or later.

CVSS Score:
3.3

CVSS Vector:
AV:A/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-2392
1027094
http://www.securitytracker.com/id?1027094
49226
http://secunia.com/advisories/49226
MDVSA-2012:015
http://www.mandriva.com/security/advisories?name=MDVSA-2012:015
MDVSA-2012:042
http://www.mandriva.com/security/advisories?name=MDVSA-2012:042
MDVSA-2012:080
http://www.mandriva.com/security/advisories?name=MDVSA-2012:080
http://www.wireshark.org/security/wnpa-sec-2012-08.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6805
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7118
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7119
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7120
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7124
oval:org.mitre.oval:def:15604
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15604
Common Vulnerability Exposure (CVE) ID: CVE-2012-2393
53652
http://www.securityfocus.com/bid/53652
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-diameter.c?r1=42200&r2=42199&pathrev=42200
http://anonsvn.wireshark.org/viewvc?view=revision&revision=42200
http://www.wireshark.org/security/wnpa-sec-2012-09.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7138
oval:org.mitre.oval:def:15558
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15558
Common Vulnerability Exposure (CVE) ID: CVE-2012-3825
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15478
Common Vulnerability Exposure (CVE) ID: CVE-2012-3826
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15536

Copyright Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.802907
Categoría:	Denial of Service
Título:	Wireshark Multiple Denial of Service Vulnerabilities (Jul 2012) - Windows
Resumen:	Wireshark is prone to multiple denial of service vulnerabilities.
Descripción:	Summary: Wireshark is prone to multiple denial of service vulnerabilities. Vulnerability Insight: - Errors in the ANSI MAP, ASF, BACapp, Bluetooth HCI, IEEE 802.11, IEEE 802.3, LTP, and R3 dissectors can be exploited to cause infinite loops via specially crafted packets. - An error in the DIAMETER dissector does not properly allocate memory and can be exploited to cause a crash via a specially crafted packet. Vulnerability Impact: Successful exploitation will allow remote attackers to cause a denial of service. Affected Software/OS: Wireshark versions 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on Windows Solution: Upgrade to the Wireshark version 1.4.13, 1.6.8 or later. CVSS Score: 3.3 CVSS Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2392 1027094 http://www.securitytracker.com/id?1027094 49226 http://secunia.com/advisories/49226 MDVSA-2012:015 http://www.mandriva.com/security/advisories?name=MDVSA-2012:015 MDVSA-2012:042 http://www.mandriva.com/security/advisories?name=MDVSA-2012:042 MDVSA-2012:080 http://www.mandriva.com/security/advisories?name=MDVSA-2012:080 http://www.wireshark.org/security/wnpa-sec-2012-08.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6805 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7118 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7119 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7120 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7124 oval:org.mitre.oval:def:15604 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15604 Common Vulnerability Exposure (CVE) ID: CVE-2012-2393 53652 http://www.securityfocus.com/bid/53652 http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-diameter.c?r1=42200&r2=42199&pathrev=42200 http://anonsvn.wireshark.org/viewvc?view=revision&revision=42200 http://www.wireshark.org/security/wnpa-sec-2012-09.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7138 oval:org.mitre.oval:def:15558 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15558 Common Vulnerability Exposure (CVE) ID: CVE-2012-3825 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15478 Common Vulnerability Exposure (CVE) ID: CVE-2012-3826 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15536
Copyright	Copyright (C) 2012 Greenbone AG