Denial of Service : Wireshark 'SIP' and 'NTLMSSP' Denial of Service Vulnerability-01 (Dec 2013)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.804049

Categoría: Denial of Service

Título: Wireshark 'SIP' and 'NTLMSSP' Denial of Service Vulnerability-01 (Dec 2013) - Windows

Resumen: Wireshark is prone to a denial of service (DoS) vulnerability.

Descripción: Summary:
Wireshark is prone to a denial of service (DoS) vulnerability.

Vulnerability Insight:
Flaw is due to an error within the SIP dissector (epan/dissectors/packet-sip.c)
and NTLMSSP v2 dissector.

Vulnerability Impact:
Successful exploitation will allow attackers to cause a DoS (Denial of Service)
and potentially compromise a vulnerable system.

Affected Software/OS:
Wireshark version 1.8.x before 1.8.12 and 1.10.x before 1.10.4 on Windows.

Solution:
Upgrade to Wireshark version 1.8.12 or 1.10.4 or later.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-7112
http://www.mandriva.com/security/advisories?name=MDVSA-2013:296
RedHat Security Advisories: RHSA-2014:0341
http://rhn.redhat.com/errata/RHSA-2014-0341.html
RedHat Security Advisories: RHSA-2014:0342
http://rhn.redhat.com/errata/RHSA-2014-0342.html
http://secunia.com/advisories/56285
http://secunia.com/advisories/56313
SuSE Security Announcement: openSUSE-SU-2014:0013 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-01/msg00007.html
SuSE Security Announcement: openSUSE-SU-2014:0017 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-01/msg00011.html
SuSE Security Announcement: openSUSE-SU-2014:0020 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-01/msg00014.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-7114
Debian Security Information: DSA-2825 (Google Search)
http://www.debian.org/security/2013/dsa-2825
http://secunia.com/advisories/56052

Copyright Copyright (C) 2013 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.804049
Categoría:	Denial of Service
Título:	Wireshark 'SIP' and 'NTLMSSP' Denial of Service Vulnerability-01 (Dec 2013) - Windows
Resumen:	Wireshark is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: Wireshark is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: Flaw is due to an error within the SIP dissector (epan/dissectors/packet-sip.c) and NTLMSSP v2 dissector. Vulnerability Impact: Successful exploitation will allow attackers to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Affected Software/OS: Wireshark version 1.8.x before 1.8.12 and 1.10.x before 1.10.4 on Windows. Solution: Upgrade to Wireshark version 1.8.12 or 1.10.4 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-7112 http://www.mandriva.com/security/advisories?name=MDVSA-2013:296 RedHat Security Advisories: RHSA-2014:0341 http://rhn.redhat.com/errata/RHSA-2014-0341.html RedHat Security Advisories: RHSA-2014:0342 http://rhn.redhat.com/errata/RHSA-2014-0342.html http://secunia.com/advisories/56285 http://secunia.com/advisories/56313 SuSE Security Announcement: openSUSE-SU-2014:0013 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-01/msg00007.html SuSE Security Announcement: openSUSE-SU-2014:0017 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-01/msg00011.html SuSE Security Announcement: openSUSE-SU-2014:0020 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-01/msg00014.html Common Vulnerability Exposure (CVE) ID: CVE-2013-7114 Debian Security Information: DSA-2825 (Google Search) http://www.debian.org/security/2013/dsa-2825 http://secunia.com/advisories/56052
Copyright	Copyright (C) 2013 Greenbone AG