Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Wireshark / TShark
Опубликовано:20 сентября 2008 г.
Источник:
SecurityVulns ID:9299
Тип:удаленная
Уровень опасности:
5/10
Описание:Многочисленные DoS-условия при разборе различных протоколов.
Затронутые продукты:WIRESHARK : Wireshark 1.0
CVE:CVE-2008-3934 (Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.)
 CVE-2008-3933 (Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function.)
 CVE-2008-3932 (Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop.)
 CVE-2008-3146 (Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2008:199 ] wireshark (20.09.2008)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород