Дата обнаружения
|
03/03/2017 |
Уровень угрозы
|
Critical |
Описание
|
Multiple serious vulnerabilities have been found in Wireshark 2.0.0 to 2.0.10 and 2.2.0 to 2.2.4. Malicious users can exploit these vulnerabilities possibly to cause a denial of service. Below is a complete list of vulnerabilities:
Technical details Vulnerability (1) was found in epan/dissectors/packet-ldss.c when checking that memory allocation is done for a certain data structure. Vulnerability (2) was found in epan/dissectors/packet-iax2.c when making constraints to packet lateness. Vulnerability (3) was found in epan/dissectors/packet-wsp.c when validating the capability length. Vulnerability (4) was found in epan/dissectors/packet-rtmpt.c when accurately incrementing a certain sequence value. Vulnerability (5) was found in wiretap/k12.c when validating the relationships between offsets and lengths. Vulnerability (6) was found in wiretap/netscaler.c when validating record sizes and changing the file size restrictions. Vulnerability (7) was found in wiretap/netscaler.c when validating the relationship between records and pages. |
Пораженные продукты
|
Wireshark 2.0.0 to 2.0.10 |
Решение
|
Update to the latest version |
Первичный источник обнаружения
|
wnpa-sec-2017-07 wnpa-sec-2017-09 wnpa-sec-2017-10 wnpa-sec-2017-03 wnpa-sec-2017-04 wnpa-sec-2017-05 wnpa-sec-2017-08 wnpa-sec-2017-11 |
Оказываемое влияние
?
|
DoS
[?]
|
Связанные продукты
|
Wireshark |
CVE-IDS
|
CVE-2017-64725.0Critical
CVE-2017-64735.0Critical CVE-2017-64745.0Critical CVE-2017-64675.0Critical CVE-2017-64685.0Critical CVE-2017-64695.0Critical CVE-2017-64707.8Critical CVE-2017-64715.0Critical |
Узнай статистику распространения уязвимостей в твоем регионе |