Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.802982
Category:General
Title:Wireshark LDP PPP and HSRP dissector Multiple Vulnerabilities (Mac OS X)
Summary:This host is installed with Wireshark and is prone to multiple; vulnerabilities.
Description:Summary:
This host is installed with Wireshark and is prone to multiple
vulnerabilities.

Vulnerability Insight:
Errors in the HSRP, PPP and LDP dissectors when processing certain
packets can be exploited to cause an infinite loop and consume CPU
resources or a buffer overflow.

Vulnerability Impact:
Successful exploitation will allow remote attackers to execute arbitrary
code in the context of the application, to crash the affected application,
or to consume excessive CPU resources.

Affected Software/OS:
Wireshark versions 1.8.x prior to 1.8.3 on Mac OS X

Solution:
Upgrade to the Wireshark version 1.8.3 or later.

CVSS Score:
5.8

CVSS Vector:
AV:A/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: BugTraq ID: 55754
Common Vulnerability Exposure (CVE) ID: CVE-2012-5237
http://www.securityfocus.com/bid/55754
http://osvdb.org/85884
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14992
http://www.securitytracker.com/id?1027604
XForce ISS Database: wireshark-hsrp-dos(79009)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79009
Common Vulnerability Exposure (CVE) ID: CVE-2012-5238
http://osvdb.org/85883
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15593
XForce ISS Database: wireshark-ppp-dissector-dos(79010)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79010
Common Vulnerability Exposure (CVE) ID: CVE-2012-5240
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15691
CopyrightCopyright (C) 2012 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.