Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Wireshark
Опубликовано:13 марта 2014 г.
Источник:
SecurityVulns ID:13602
Тип:удаленная
Уровень опасности:
5/10
Описание:DoS при разборе NFS и RLC, переполнение буфера при разборе MPEG.
Затронутые продукты:WIRESHARK : Wireshark 1.8
 WIRESHARK : Wireshark 1.10
CVE:CVE-2014-2299 (Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large record in MPEG data.)
 CVE-2014-2283 (epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet.)
 CVE-2014-2281 (The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2014:050 ] wireshark (13.03.2014)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород