Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-8711

Опубликовано: 04 янв. 2016
Источник: debian
EPSS Низкий

Описание

epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
wiresharkfixed2.0.1+g59ea380-1package
wiresharknot-affectedwheezypackage
wiresharkend-of-lifesqueezepackage

Примечания

  • https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5bf565690ad9f0771196d8fa237aa37fae3bb7cc

  • https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5b4ada17723ed8af7e85cb48d537437ed614e417

  • https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=23379ae3624df82c170f48e5bb3250a97ec61c13

  • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11841

  • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11835

  • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11602

  • http://www.wireshark.org/security/wnpa-sec-2015-31.html

EPSS

Процентиль: 25%
0.00087
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2015-8711

CVSS3: 5.5
ubuntu
около 10 лет назад

epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.

redhat логотип

CVE-2015-8711

redhat
около 10 лет назад

epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.

nvd логотип

CVE-2015-8711

CVSS3: 5.5
nvd
около 10 лет назад

epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.

github логотип

GHSA-6f2c-6pxj-74jw

CVSS3: 5.5
github
больше 3 лет назад

epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.

suse-cvrf логотип

openSUSE-SU-2016:0054-1

suse-cvrf
около 10 лет назад

Security update for wireshark

EPSS

Процентиль: 25%
0.00087
Низкий