[SECURITY] [DSA 4060-1] wireshark security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4060-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 09, 2017 https://www.debian.org/security/faq -...

The vulnerability of the PROFINET Discovery and Configuration Protocol (PN-DCP) implementation in the Cisco IOS operating system allows a hacker to trigger a service failure.

The vulnerability of the PROFINET Discovery and Configuration Protocol PN-DCP implementation in the Cisco IOS operating system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to trigger a device restart and a Denial-of-Service attac...

Cisco IOS Software PROFINET denial of service (cisco-sa-20170927-profinet)

According to its self-reported version and configuration, the Cisco IOS software running on the remote device is affected by a denial of service vulnerability in the PROFINET Discovery and Configuration Protocol PN-DCP feature. An unauthenticated, remote attacker can exploit this, via specially...

CVE-2017-12235

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol PN-DCP for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to the...

CVE-2017-12235

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol PN-DCP for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to the...

Race condition

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol PN-DCP for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to the...

CVE-2017-12235

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol PN-DCP for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to the...

CVE-2017-12235

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol PN-DCP for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to the...

CVE-2017-12235

The CVE-2017-12235 issue is a DoS flaw in Cisco IOS Software’s PROFINET Discovery and Configuration Protocol (PN-DCP) handling. It affects Cisco IOS on devices configured to process PN-DCP (notably Cisco Industrial Ethernet Switches) and stems from improper parsing of PN-DCP Identify Request pack...

EUVD-2017-3808

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol PN-DCP for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to the...

CVE-2017-12235

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol PN-DCP for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to the...

Cisco IOS Software Denial of Service Vulnerability (CNVD-2017-34216)

Cisco IOS is an operating system developed by Cisco for its network devices. A denial of service vulnerability exists in the PROFINET Discovery and Configuration Protocol PN-DCP implementation of Cisco IOS, which arises from the program's failure to properly parse PN-DCP Identify Request packets....

Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial of Service Vulnerability

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol PN-DCP for Cisco IOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to the improper...

PT-2017-2990 · Cisco · Cisco Ios

Name of the Vulnerable Software and Affected Versions: Cisco IOS Software versions 12.2 through 15.6 Description: A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol PN-DCP exists due to improper parsing of ingress PN-DCP Identify Request packets. This could...

SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2017:2555-1)

This update for wireshark to version 2.2.9 fixes several issues. These security issues were fixed : - CVE-2017-13767: The MSDP dissector could have gone into an infinite loop. This was addressed by adding length validation bsc1056248. - CVE-2017-13766: The Profinet I/O dissector could have crash...

Wireshark 'Profinet I/O' Dissector DoS Vulnerability - Mac OS X

Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...

Wireshark 'Profinet I/O' Dissector DoS Vulnerability - Windows

Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...

Siemens 7KM PAC Switched Ethernet Denial of Service Vulnerability

7KM PAC Switched Ethernet is a switched Ethernet device from Siemens, Germany. A denial of service vulnerability exists in the 7KM PAC Switched Ethernet PROFINET Extension Module versions prior to 2.1.3, which allows an attacker to trigger a denial of service condition via specially crafted...

Wireshark 2.4.x < 2.4.1 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 2.4.1. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.4.1 advisory. - In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite loop. This...

Wireshark 2.2.x < 2.2.9 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 2.2.9. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.9 advisory. - In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite loop. This...