Lucene search

[email protected]CVE-2012-5237

HistoryOct 04, 2012 - 7:55 p.m.

CVE-2012-5237

2012-10-0419:55:00

CWE-399

[email protected]

web.nvd.nist.gov

cve-2012-5237

wireshark

hsrp

denial of service

infinite loop

6.3 Medium

AI Score

Confidence

Low

3.3 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

53.9%

JSON

The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.

Affected configurations

NVD

Node

wiresharkwiresharkMatch1.8.0

wiresharkwiresharkMatch1.8.1

wiresharkwiresharkMatch1.8.2

CPENameOperatorVersion
wireshark:wiresharkwiresharkeq1.8.0
wireshark:wiresharkwiresharkeq1.8.1
wireshark:wiresharkwiresharkeq1.8.2

CPE	Name	Operator	Version
wireshark:wireshark	wireshark	eq	1.8.0
wireshark:wireshark	wireshark	eq	1.8.1
wireshark:wireshark	wireshark	eq	1.8.2

References

anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-hsrp.c?r1=44454&r2=44453&pathrev=44454

anonsvn.wireshark.org/viewvc?view=revision&revision=44454

osvdb.org/85884

www.securityfocus.com/bid/55754

www.securitytracker.com/id?1027604

www.wireshark.org/security/wnpa-sec-2012-26.html

bugs.wireshark.org/bugzilla/show_bug.cgi?id=7581

exchange.xforce.ibmcloud.com/vulnerabilities/79009

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14992

6.3 Medium

AI Score

Confidence

Low

3.3 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

53.9%

JSON

Related for CVE-2012-5237

prion1 debiancve1 nvd1 ubuntucve1 cvelist1 openvas6 freebsd1 nessus3