KLA10637
Multiple vulnerabilities in Wireshark
Обновлено: 17/06/2019
Дата обнаружения
17/07/2015
Уровень угрозы
Warning
Описание

Multiple vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities remotely to cause a denial of service via a specially crafted packet trace file.

Below is a complete list of vulnerabilities

  1. The de_emerg_num_list function and the de_bcd_num function in epan/dissectors/packet-gsm_a_dtap.c file in the GSM DTAP dissector component check digit characters improperly
  2. The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c file in the WCCP dissector component checks memory size for storing IP address strings improperly
Пораженные продукты

Wireshark 1.12 versions earlier than 1.12.6

Решение

Update to the latest version

Первичный источник обнаружения
Wireshark security advisory
Wireshark security advisory
Оказываемое влияние
?
DoS 
[?]
Связанные продукты
Wireshark
CVE-IDS
CVE-2015-46515.0Critical
CVE-2015-46524.3Warning