KLA10649
Denial of service vulnerabilities in Wireshark
Обновлено: 17/06/2019
Дата обнаружения
11/08/2015
Уровень угрозы
Warning
Описание

An unspecified vulnerabilities were found in Wireshark. By exploiting these vulnerabilities malicious users can cause denial of service. These vulnerabilities can be exploited remotely via a specially designed file or network packet.


Technical details

This vulnerability related to next conditions:

  1. Adding item to protocol tree;
  2. Ptvcursor length checking;
  3. WCCP, OpenFlow, GSM RLC/MAC, ZigBee, WaveAgent dissectors acting;
  4. Attempt to free invalid memory;
  5. Searching protocol dissector.

As result of exploitation there are two kinds DoS: crash or consume excessive CPU resources.

Пораженные продукты

Wireshark versions earlier than 1.12.7

Решение

Update to the latest version
Get Wireshark

Первичный источник обнаружения
Wireshark Security Advisories
Оказываемое влияние
?
DoS 
[?]
Связанные продукты
Wireshark
CVE-IDS
CVE-2015-62464.3Warning
CVE-2015-62454.3Warning
CVE-2015-62414.3Warning
CVE-2015-62424.3Warning
CVE-2015-62484.3Warning
CVE-2015-62474.3Warning
CVE-2015-62494.3Warning
CVE-2015-62444.3Warning
CVE-2015-62434.3Warning