Searching
..

Click anywhere to stop

KLA10867
Denial of service vulnerabilities in Wireshark

Обновлено: 22/01/2024
Дата обнаружения
09/09/2016
Уровень угрозы
Warning
Описание

Multiple vulnerabilities were found in Wireshark. By exploiting these vulnerabilities malicious users can cause denial of service. These vulnerabilities can be exploited remotely via a specially designed packet.


Technical details

These vulnerabilities related to multiple dissectors:

  1. epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector does not properly consider whether constant string
  2. Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector
  3. epan/dissectors/packet-umts_fp.c in the UMTS FP dissector does not properly handle memory allocation
  4. epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector does not restrict number of channels
  5. epan/dissectors/packet-h225.c in the H.225 dissector calls snprintf with one of its input buffers as the output buffer
  6. epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector mishandles MAC address data
Пораженные продукты

Wireshark 2 versions earlier than 2.0.6

Решение

Update to the latest version
Wireshark download page

Первичный источник обнаружения
Wireshark security advisories
Оказываемое влияние
?
DoS 
[?]
Связанные продукты
Wireshark
CVE-IDS
CVE-2016-71804.3Warning
CVE-2016-71794.3Warning
CVE-2016-71784.3Warning
CVE-2016-71774.3Warning
CVE-2016-71764.3Warning
CVE-2016-71754.3Warning
Узнай статистику распространения уязвимостей в твоем регионе