Type confusion

2013-02-0301:55:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

57.8%

JSON

The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a position variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.

CPENameOperatorVersion
wiresharkeq1.6.0
wiresharkeq1.6.12
wiresharkeq1.6.4
wiresharkeq1.6.8
wiresharkeq1.6.5
wiresharkeq1.6.3
wiresharkeq1.6.7
wiresharkeq1.6.1
wiresharkeq1.6.6
wiresharkeq1.6.11

Name	Operator	Version
wireshark	eq	1.6.0
wireshark	eq	1.6.12
wireshark	eq	1.6.4
wireshark	eq	1.6.8
wireshark	eq	1.6.5
wireshark	eq	1.6.3
wireshark	eq	1.6.7
wireshark	eq	1.6.1
wireshark	eq	1.6.6
wireshark	eq	1.6.11