Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:15127
HistoryDec 23, 2009 - 12:00 a.m.

Wireshark 1.2.5版本修复多个安全漏洞

2009-12-2300:00:00
Root
www.seebug.org
17

0.062 Low

EPSS

Percentile

92.8%

JSON

BUGTRAQ ID: 37407
CVE ID: CVE-2009-4376,CVE-2009-4377,CVE-2009-4378

Wireshark之前名为Ethereal,是一款非常流行的网络协议分析工具。

Wireshark的Daintree SNA文件解析器中存在缓冲区溢出漏洞,IPMI、SMB和SMB2协议解析模块中存在拒绝服务漏洞。如果用户受骗从网络抓取了恶意的报文或读取了恶意抓包文件的话,就会导致解析模块崩溃或执行任意代码。

Wireshark 0.9.0 - 1.2.4
厂商补丁:

Wireshark

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://www.wireshark.org/download.html


                                                http://www.wireshark.org/download/automated/captures/fuzz-2009-12-07-11141.pcap
https://bugs.wireshark.org/bugzilla/attachment.cgi?id=4055

Related

nessus 15
gentoo 1
openvas 23
securityvulns 2
fedora 1
prion 3
cve 3
ubuntucve 3
debiancve 3
veracode 1
osv 1
redhat 1
centos 1
oraclelinux 1
nessus
nessus
Wireshark / Ethereal 0.9.0 to 1.2.4 Multiple Vulnerabilities
2009-12-18 00:00:00
Fedora 12 : wireshark-1.2.5-3.fc12 (2009-13592)
2009-12-27 00:00:00
GLSA-201006-05 : Wireshark: Multiple vulnerabilities
2010-06-02 00:00:00
gentoo
gentoo
Wireshark: Multiple vulnerabilities
2010-06-01 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201006-05 (wireshark)
2011-03-09 00:00:00
Gentoo Security Advisory GLSA 201006-05 (wireshark)
2011-03-09 00:00:00
Mandriva Update for wireshark MDVSA-2010:016 (wireshark)
2010-01-20 00:00:00
securityvulns
securityvulns
[ MDVSA-2010:016 ] wireshark
2010-01-20 00:00:00
Wireshark sniffer multiple security vulnerabilities
2010-01-20 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: wireshark-1.2.5-3.fc12
2009-12-23 21:33:14
prion
prion
Buffer overflow
2009-12-21 21:30:00
Null pointer dereference
2009-12-21 21:30:00
Design/Logic Flaw
2009-12-21 21:30:00
cve
cve
CVE-2009-4376
2009-12-21 21:30:00
CVE-2009-4377
2009-12-21 21:30:00
CVE-2009-4378
2009-12-21 21:30:00
ubuntucve
ubuntucve
CVE-2009-4377
2009-12-21 00:00:00
CVE-2009-4376
2009-12-21 00:00:00
CVE-2009-4378
2009-12-21 00:00:00
debiancve
debiancve
CVE-2009-4377
2009-12-21 21:30:00
CVE-2009-4376
2009-12-21 21:30:00
CVE-2009-4378
2009-12-21 21:30:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:45:46
osv
osv
wireshark - several vulnerabilities
2010-01-30 00:00:00
redhat
redhat
(RHSA-2010:0360) Moderate: wireshark security update
2010-04-20 00:00:00
centos
centos
wireshark security update
2010-04-20 17:23:26
oraclelinux
oraclelinux
wireshark security update
2010-04-20 00:00:00

0.062 Low

EPSS

Percentile

92.8%

JSON
Related for SSV:15127
nessus15gentoo1openvas23securityvulns2fedora1prion3cve3ubuntucve3debiancve3veracode1osv1redhat1centos1oraclelinux1