Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.810700
Category:Denial of Service
Title:Wireshark 'STANAG 4607' Capture File Denial of Service Vulnerability (Mac OS X)
Summary:Wireshark is prone to a denial of service (DoS) vulnerability.
Description:Summary:
Wireshark is prone to a denial of service (DoS) vulnerability.

Vulnerability Insight:
The flaw is due to a crafted or
malformed STANAG 4607 capture file will cause an infinite loop and memory
exhaustion. If the packet size field in a packet header is null, the offset
to read from will not advance, causing continuous attempts to read the same
zero length packet. This will quickly exhaust all system memory.

Vulnerability Impact:
Successful exploitation will allow remote
attackers to cause the application to enter an infinite loop and consume
excessive CPU resources, resulting in denial-of-service conditions.

Affected Software/OS:
Wireshark versions 2.2.4 and prior
on Mac OS X

Solution:
Update to Wireshark 2.2.5 or later.

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2017-6014
BugTraq ID: 96284
http://www.securityfocus.com/bid/96284
Debian Security Information: DSA-3811 (Google Search)
http://www.debian.org/security/2017/dsa-3811
https://security.gentoo.org/glsa/201706-12
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.