ID de Prueba:	1.3.6.1.4.1.25623.1.0.811596
Categoría:	Denial of Service
Título:	Wireshark 'IrCOMM' And 'MSDP' Dissectors DoS Vulnerabilities - Windows
Resumen:	Wireshark is prone to multiple denial of service vulnerabilities.
Descripción:	Summary: Wireshark is prone to multiple denial of service vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - Missing length validation in 'epan/dissectors/packet-msdp.c' so that the MSDP dissector could go into an infinite loop. - Missing length validation in 'plugins/irda/packet-ircomm.c' so that the IrCOMM dissector could read past the end of a buffer. Vulnerability Impact: Successful exploitation will allow attackers to make Wireshark crash and also consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Affected Software/OS: Wireshark version 2.4.0, 2.2.0 to 2.2.8, 2.0.0 to 2.0.14 on Windows. Solution: Upgrade to Wireshark version 2.4.1 or 2.2.9 or 2.0.15 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-13765 BugTraq ID: 100551 http://www.securityfocus.com/bid/100551 https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html http://www.securitytracker.com/id/1039254 Common Vulnerability Exposure (CVE) ID: CVE-2017-13767 BugTraq ID: 100549 http://www.securityfocus.com/bid/100549
Copyright	Copyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.