 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.805394 |
| Categoría: | Denial of Service |
| Título: | Wireshark Multiple Denial-of-Service Vulnerabilities-01 (Jun 2015) - Mac OS X |
| Resumen: | Wireshark is prone to multiple denial of service vulnerabilities. |
| Descripción: | Summary: Wireshark is prone to multiple denial of service vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - The 'logcat_dump_text' function in 'wiretap/logcat.c' in the Android Logcat file parser does not properly handle a lack of \0 termination. - The 'detect_version' function in 'wiretap/logcat.c' in the Android Logcat file parser does not check the length of the payload. - The 'fragment_add_work' function in 'epan/reassemble.c' in the packet-reassembly feature does not properly determine the defragmentation state in a case of an insufficient snapshot length. - 'epan/dissectors/packet-websocket.c' in the WebSocket dissector uses a recursive algorithm, which can result in a consumption of CPU resources. - The 'dissect_lbmr_pser' function in 'epan/dissectors/packet-lbmr.c' in the LBMR dissector does not properly track the current offset and does not reject a zero length. Vulnerability Impact: Successful exploitation will allow remote attackers to conduct denial of service attack. Affected Software/OS: Wireshark version 1.12.x before 1.12.5 on Mac OS X Solution: Upgrade to version 1.12.5 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-3906 BugTraq ID: 74837 http://www.securityfocus.com/bid/74837 https://security.gentoo.org/glsa/201510-03 Common Vulnerability Exposure (CVE) ID: CVE-2015-3815 BugTraq ID: 74630 http://www.securityfocus.com/bid/74630 Debian Security Information: DSA-3277 (Google Search) http://www.debian.org/security/2015/dsa-3277 https://blog.fuzzing-project.org/11-Read-heap-overflow-invalid-memory-access-in-Wireshark-TFPA-0072015.html Common Vulnerability Exposure (CVE) ID: CVE-2015-3813 BugTraq ID: 74633 http://www.securityfocus.com/bid/74633 RedHat Security Advisories: RHSA-2017:0631 http://rhn.redhat.com/errata/RHSA-2017-0631.html Common Vulnerability Exposure (CVE) ID: CVE-2015-3810 BugTraq ID: 74629 http://www.securityfocus.com/bid/74629 Common Vulnerability Exposure (CVE) ID: CVE-2015-3809 BugTraq ID: 74632 http://www.securityfocus.com/bid/74632 Common Vulnerability Exposure (CVE) ID: CVE-2015-3808 BugTraq ID: 74628 http://www.securityfocus.com/bid/74628 |
| Copyright | Copyright (C) 2015 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |