Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-8724

Опубликовано: 04 янв. 2016
Источник: debian

Описание

The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
wiresharkfixed2.0.1+g59ea380-1package
wiresharkfixed1.8.2-5wheezy18wheezypackage
wiresharkend-of-lifesqueezepackage

Примечания

  • https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=83f2818118ae255db949bb3a4b3a26ebd1c5f7c5

  • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11826

  • http://www.wireshark.org/security/wnpa-sec-2015-42.html

  • Not suitable for code injection

Связанные уязвимости

ubuntu логотип

CVE-2015-8724

CVSS3: 5.5
ubuntu
около 10 лет назад

The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.

redhat логотип

CVE-2015-8724

redhat
около 10 лет назад

The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.

nvd логотип

CVE-2015-8724

CVSS3: 5.5
nvd
около 10 лет назад

The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.

github логотип

GHSA-2wg5-rphj-mv3r

CVSS3: 5.5
github
больше 3 лет назад

The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.

suse-cvrf логотип

openSUSE-SU-2016:0054-1

suse-cvrf
около 10 лет назад

Security update for wireshark