Lucene search

K

[email protected]NVD:CVE-2012-3548

HistoryAug 30, 2012 - 10:55 p.m.

CVE-2012-3548

2012-08-3022:55:05

CWE-399

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.9%

The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a small value for a certain length field in a capture file.

Affected configurations

NVD

Node

wiresharkwiresharkMatch1.8.0

OR

wiresharkwiresharkMatch1.8.1

OR

wiresharkwiresharkMatch1.8.2

Node

wiresharkwiresharkMatch1.6.0

OR

wiresharkwiresharkMatch1.6.1

OR

wiresharkwiresharkMatch1.6.2

OR

wiresharkwiresharkMatch1.6.3

OR

wiresharkwiresharkMatch1.6.4

OR

wiresharkwiresharkMatch1.6.5

OR

wiresharkwiresharkMatch1.6.6

OR

wiresharkwiresharkMatch1.6.7

OR

wiresharkwiresharkMatch1.6.8

OR

wiresharkwiresharkMatch1.6.9

OR

wiresharkwiresharkMatch1.6.10

References

openwall.com/lists/oss-security/2012/08/29/4

secunia.com/advisories/54425

www.gentoo.org/security/en/glsa/glsa-201308-05.xml

www.securitytracker.com/id?1027464

bugs.wireshark.org/bugzilla/show_bug.cgi?id=7666

bugzilla.redhat.com/show_bug.cgi?id=849926

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15646

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.9%

Related for NVD:CVE-2012-3548

ubuntucve1 cvelist1 prion1 openvas3 nessus7 debiancve1 cve2 freebsd1 nvd1 securityvulns1 gentoo1