Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Wireshark
Опубликовано:13 января 2015 г.
Источник:
SecurityVulns ID:14195
Тип:удаленная
Уровень опасности:
5/10
Описание:Повреждения памяти при разборе различных протоколов.
Затронутые продукты:WIRESHARK : Wireshark 1.12
CVE:CVE-2015-0564 (Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during decryption of an SSL session.)
 CVE-2015-0563 (epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for certain string-append operations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.)
 CVE-2015-0562 (Multiple use-after-free vulnerabilities in epan/dissectors/packet-dec-dnart.c in the DEC DNA Routing Protocol dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2015:022 ] wireshark (13.01.2015)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород