Buffer overflow : Wireshark DECT Buffer Overflow Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.903023

Categoría: Buffer overflow

Título: Wireshark DECT Buffer Overflow Vulnerability - Mac OS X

Resumen: Wireshark is prone to a buffer overflow vulnerability.

Descripción: Summary:
Wireshark is prone to a buffer overflow vulnerability.

Vulnerability Insight:
The flaw is due to error in the 'DECT' dissector when processing
malformed data, which could allow code execution via malformed packets or
a malicious PCAP file.

Vulnerability Impact:
Successful exploitation could allow attackers to cause buffer overflow and
execute arbitrary code on the system.

Affected Software/OS:
Wireshark version 1.4.0 through 1.4.4

Solution:
Upgrade to the Wireshark version 1.4.5 or later.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-1591
1025389
http://securitytracker.com/id?1025389
17185
http://www.exploit-db.com/exploits/17185
17195
http://www.exploit-db.com/exploits/17195
44172
http://secunia.com/advisories/44172
44374
http://secunia.com/advisories/44374
71848
http://www.osvdb.org/71848
ADV-2011-1022
http://www.vupen.com/english/advisories/2011/1022
ADV-2011-1106
http://www.vupen.com/english/advisories/2011/1106
FEDORA-2011-5529
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html
FEDORA-2011-5569
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html
FEDORA-2011-5621
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html
MDVSA-2011:083
http://www.mandriva.com/security/advisories?name=MDVSA-2011:083
VU#243670
http://www.kb.cert.org/vuls/id/243670
[oss-security] 20110418 Re: Wireshark 1.2.16 / 1.4.5
http://openwall.com/lists/oss-security/2011/04/18/8
[oss-security] 20110418 Wireshark 1.2.16 / 1.4.5
http://openwall.com/lists/oss-security/2011/04/18/2
http://www.wireshark.org/security/wnpa-sec-2011-06.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5836
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5838
oval:org.mitre.oval:def:15000
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15000
wireshark-dect-bo(66834)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66834

Copyright Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.903023
Categoría:	Buffer overflow
Título:	Wireshark DECT Buffer Overflow Vulnerability - Mac OS X
Resumen:	Wireshark is prone to a buffer overflow vulnerability.
Descripción:	Summary: Wireshark is prone to a buffer overflow vulnerability. Vulnerability Insight: The flaw is due to error in the 'DECT' dissector when processing malformed data, which could allow code execution via malformed packets or a malicious PCAP file. Vulnerability Impact: Successful exploitation could allow attackers to cause buffer overflow and execute arbitrary code on the system. Affected Software/OS: Wireshark version 1.4.0 through 1.4.4 Solution: Upgrade to the Wireshark version 1.4.5 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1591 1025389 http://securitytracker.com/id?1025389 17185 http://www.exploit-db.com/exploits/17185 17195 http://www.exploit-db.com/exploits/17195 44172 http://secunia.com/advisories/44172 44374 http://secunia.com/advisories/44374 71848 http://www.osvdb.org/71848 ADV-2011-1022 http://www.vupen.com/english/advisories/2011/1022 ADV-2011-1106 http://www.vupen.com/english/advisories/2011/1106 FEDORA-2011-5529 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html FEDORA-2011-5569 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html FEDORA-2011-5621 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html MDVSA-2011:083 http://www.mandriva.com/security/advisories?name=MDVSA-2011:083 VU#243670 http://www.kb.cert.org/vuls/id/243670 [oss-security] 20110418 Re: Wireshark 1.2.16 / 1.4.5 http://openwall.com/lists/oss-security/2011/04/18/8 [oss-security] 20110418 Wireshark 1.2.16 / 1.4.5 http://openwall.com/lists/oss-security/2011/04/18/2 http://www.wireshark.org/security/wnpa-sec-2011-06.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5836 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5838 oval:org.mitre.oval:def:15000 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15000 wireshark-dect-bo(66834) https://exchange.xforce.ibmcloud.com/vulnerabilities/66834
Copyright	Copyright (C) 2012 Greenbone AG