
Test ID: 1.3.6.1.4.1.25623.1.0.902722
Category: Denial of Service
Title: Wireshark IKE Packet Denial of Service Vulnerability - Windows
Summary: Wireshark is prone to a denial of service (DoS) vulnerability.
Description:
Summary:
Wireshark is prone to a denial of service (DoS) vulnerability.

Vulnerability Insight:
The flaw is due to an error in the 'IKEv1' protocol dissector and the
function 'proto_tree_add_item()': adding more than 1000000 items to a
proto_tree causes a denial of service.

Vulnerability Impact:
An attacker who sends a specially crafted IKE packet can cause the IKEv1
dissector to enter an infinite loop, which leads to denial of service.

Affected Software/OS:
Wireshark version 1.6.0 to 1.6.1
Wireshark version 1.4.0 to 1.4.8 on Windows

Solution:
Upgrade to Wireshark version 1.4.9, 1.6.2 or later.

CVSS Score:
2.6

CVSS Vector:
AV:N/AC:H/Au:N/C:N/I:N/A:P

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2011-3266
BugTraq ID: 49377
http://www.securityfocus.com/bid/49377
Bugtraq: 20110728 Wireshark 1.6.1 Malformed IKE Packet Denial of Service
http://www.securityfocus.com/archive/1/519049/100/0/threaded
http://www.mandriva.com/security/advisories?name=MDVSA-2011:138
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15042
http://securitytracker.com/id?1025875
http://securityreason.com/securityalert/8351
SuSE Security Announcement: SUSE-SU-2011:1262
http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00021.html
SuSE Security Announcement: openSUSE-SU-2011:1263
http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00022.html
XForce ISS Database: wireshark-prototreeadditem-dos(69411)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69411
Copyright: Copyright (C) 2011 Greenbone AG





© 1998-2025 E-Soft Inc. All rights reserved.