Buffer overflow : Wireshark SigComp Universal Decompressor Virtual Machine dissector BOF Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.902199

Categoría: Buffer overflow

Título: Wireshark SigComp Universal Decompressor Virtual Machine dissector BOF Vulnerability - Windows

Resumen: Wireshark is prone to a buffer overflow vulnerability.

Descripción: Summary:
Wireshark is prone to a buffer overflow vulnerability.

Vulnerability Insight:
The flaw is due to a buffer overflow error in the SigComp Universal
Decompressor Virtual Machine dissector.

Vulnerability Impact:
It has unknown impact and remote attack vectors.

Affected Software/OS:
Wireshark version 0.10.8 to 1.0.13 and 1.2.0 to 1.2.8

Solution:
Upgrade to Wireshark version 1.0.14 or 1.2.9:

CVSS Score:
8.3

CVSS Vector:
AV:A/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-2287
BugTraq ID: 40728
http://www.securityfocus.com/bid/40728
http://www.mandriva.com/security/advisories?name=MDVSA-2010:113
http://www.mandriva.com/security/advisories?name=MDVSA-2010:144
http://www.openwall.com/lists/oss-security/2010/06/11/1
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11836
http://secunia.com/advisories/40112
http://secunia.com/advisories/42877
http://secunia.com/advisories/43068
SuSE Security Announcement: SUSE-SR:2011:001 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html
SuSE Security Announcement: SUSE-SR:2011:002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://www.vupen.com/english/advisories/2010/1418
http://www.vupen.com/english/advisories/2011/0076
http://www.vupen.com/english/advisories/2011/0212

Copyright Copyright (C) 2010 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.902199
Categoría:	Buffer overflow
Título:	Wireshark SigComp Universal Decompressor Virtual Machine dissector BOF Vulnerability - Windows
Resumen:	Wireshark is prone to a buffer overflow vulnerability.
Descripción:	Summary: Wireshark is prone to a buffer overflow vulnerability. Vulnerability Insight: The flaw is due to a buffer overflow error in the SigComp Universal Decompressor Virtual Machine dissector. Vulnerability Impact: It has unknown impact and remote attack vectors. Affected Software/OS: Wireshark version 0.10.8 to 1.0.13 and 1.2.0 to 1.2.8 Solution: Upgrade to Wireshark version 1.0.14 or 1.2.9: CVSS Score: 8.3 CVSS Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2287 BugTraq ID: 40728 http://www.securityfocus.com/bid/40728 http://www.mandriva.com/security/advisories?name=MDVSA-2010:113 http://www.mandriva.com/security/advisories?name=MDVSA-2010:144 http://www.openwall.com/lists/oss-security/2010/06/11/1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11836 http://secunia.com/advisories/40112 http://secunia.com/advisories/42877 http://secunia.com/advisories/43068 SuSE Security Announcement: SUSE-SR:2011:001 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html SuSE Security Announcement: SUSE-SR:2011:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://www.vupen.com/english/advisories/2010/1418 http://www.vupen.com/english/advisories/2011/0076 http://www.vupen.com/english/advisories/2011/0212
Copyright	Copyright (C) 2010 Greenbone AG