 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.804909 |
| Categoría: | Denial of Service |
| Título: | Wireshark DOS Vulnerability-01 (Sep 2014) - Windows |
| Resumen: | Wireshark is prone to a denial of service (DoS) vulnerability. |
| Descripción: | Summary: Wireshark is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: Multiple flaws are due to: - SnifferDecompress function does not prevent data overwrites, validate bitmask data, and does not properly handle empty input data. - Improper initialization of certain ID value in the dissect_spdu function under SES dissector. - Off-by-one error in the is_rtsp_request_or_reply function under the RTSP dissector. - The dissect_v9_v10_pdu_data function under Netflow dissector refers incorrect offset and start variables. - An error in tvb_raw_text_add function in MEGACO dissector Vulnerability Impact: Successful exploitation will allow attacker to cause denial of service attack. Affected Software/OS: Wireshark version 1.10.x before 1.10.10 and 1.12.x before 1.12.1 on Windows Solution: Upgrade to version 1.12.1, 1.10.10 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2014-6430 Debian Security Information: DSA-3049 (Google Search) http://www.debian.org/security/2014/dsa-3049 RedHat Security Advisories: RHSA-2014:1676 http://rhn.redhat.com/errata/RHSA-2014-1676.html RedHat Security Advisories: RHSA-2014:1677 http://rhn.redhat.com/errata/RHSA-2014-1677.html http://secunia.com/advisories/60280 http://secunia.com/advisories/60578 http://secunia.com/advisories/61929 http://secunia.com/advisories/61933 SuSE Security Announcement: SUSE-SU-2014:1221 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00033.html SuSE Security Announcement: openSUSE-SU-2014:1249 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-09/msg00058.html Common Vulnerability Exposure (CVE) ID: CVE-2014-6428 Common Vulnerability Exposure (CVE) ID: CVE-2014-6427 Common Vulnerability Exposure (CVE) ID: CVE-2014-6432 Common Vulnerability Exposure (CVE) ID: CVE-2014-6431 Common Vulnerability Exposure (CVE) ID: CVE-2014-6429 Common Vulnerability Exposure (CVE) ID: CVE-2014-6423 Common Vulnerability Exposure (CVE) ID: CVE-2014-6424 |
| Copyright | Copyright (C) 2014 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |