 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.806943 |
| Kategorie: | Denial of Service |
| Titel: | Wireshark Multiple Denial-of-Service Vulnerabilities-01 (Jan 2016) - Windows |
| Zusammenfassung: | Wireshark is prone to multiple denial of service vulnerabilities. |
| Beschreibung: | Summary: Wireshark is prone to multiple denial of service vulnerabilities. Vulnerability Insight: Multiple flaws exist due to - 'dissect_CPMSetBindings' function in 'epan/dissectors/packet-mswsp.c' script in the MS-WSP dissector does not validate the column size. - 'dissect_ppi' function in 'epan/dissectors/packet-ppi.c' script in the PPI dissector does not initialize a packet-header data structure. - 'ipmi_fmt_udpport' function in 'epan/dissectors/packet-ipmi.c' script in the IPMI dissector improperly attempts to access a packet scope. - 'dissect_tds7_colmetadata_token' function in 'epan/dissectors/packet-tds.c' script in the TDS dissector does not validate the number of columns. - 's7comm_decode_ud_cpu_szl_subfunc' function in 'epan/dissectors/packet-s7comm_szl_ids.c' script in the S7COMM dissector does not validate the list count in an SZL response. - 'mp2t_find_next_pcr' function in 'wiretap/mp2t.c' script in the MP2T file parser does not reserve memory for a trailer. - 'get_value' function in 'epan/dissectors/packet-btatt.c' script in the Bluetooth Attribute (aka BT ATT) dissector uses an incorrect integer data type. - 'dissect_nwp' function in 'epan/dissectors/packet-nwp.c' script in the NWP dissector mishandles the packet type. Vulnerability Impact: Successful exploitation will allow remote attackers to conduct denial of service attack. Affected Software/OS: Wireshark version 2.0.x before 2.0.1 on Windows Solution: Upgrade to Wireshark version 2.0.1 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-8742 https://security.gentoo.org/glsa/201604-05 http://www.securitytracker.com/id/1034551 Common Vulnerability Exposure (CVE) ID: CVE-2015-8741 Common Vulnerability Exposure (CVE) ID: CVE-2015-8739 BugTraq ID: 79382 http://www.securityfocus.com/bid/79382 Common Vulnerability Exposure (CVE) ID: CVE-2015-8740 Common Vulnerability Exposure (CVE) ID: CVE-2015-8738 Common Vulnerability Exposure (CVE) ID: CVE-2015-8736 Common Vulnerability Exposure (CVE) ID: CVE-2015-8735 Common Vulnerability Exposure (CVE) ID: CVE-2015-8734 |
| Copyright | Copyright (C) 2016 Greenbone AG |
| Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |