Информационная безопасность
[RU] switch to English


DoS против Wireshark
дополнено с 28 июня 2007 г.
Опубликовано:17 августа 2007 г.
Источник:
SecurityVulns ID:7866
Тип:удаленная
Уровень опасности:
5/10
Описание:Бесконечный цикл при разборе MMS и SSL, однобайтовое переполнение при разборе iSeries и DHCP/BOOTP.
Затронутые продукты:WIRESHARK : wireshark 0.99
CVE:CVE-2007-3393 (Off-by-one error in the DHCP/BOOTP dissector in Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via crafted DHCP-over-DOCSIS packets.)
 CVE-2007-3392 (Wireshark before 0.99.6 allows remote attackers to cause a denial of service via malformed (1) SSL or (2) MMS packets that trigger an infinite loop.)
 CVE-2007-3391 (Wireshark 0.99.5 allows remote attackers to cause a denial of service (memory consumption) via a malformed DCP ETSI packet that triggers an infinite loop.)
 CVE-2007-3390 (Wireshark 0.99.5 and 0.10.x up to 0.10.14, when running on certain systems, allows remote attackers to cause a denial of service (crash) via crafted iSeries capture files that trigger a SIGTRAP.)
 CVE-2007-3389 (Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via a crafted chunked encoding in an HTTP response, possibly related to a zero-length payload.)
Оригинальный текстdocumentzwell_(at)_sohu.com, WireShark MMS Remote Denial of Service vulnerability (15.08.2007)
 documentDEBIAN, [Full-disclosure] [SECURITY] [DSA 1322-1] New wireshark packages fix denial of service (28.06.2007)
Файлы:WireShark<0.99.6 MMS protocol DOS PoC

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород