Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-8731

Опубликовано: 04 янв. 2016
Источник: debian
EPSS Низкий

Описание

The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
wiresharkfixed2.0.1+g59ea380-1package
wiresharkend-of-lifesqueezepackage

Примечания

  • https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2930d3105c3ff2bfb1278b34ad10e2e71c3b8fb0

  • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11829

  • http://www.wireshark.org/security/wnpa-sec-2015-49.html

  • fix released in 2.0.1 is incomplete, but the rest is tracked under CVE-2016-2530

EPSS

Процентиль: 77%
0.01042
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2015-8731

CVSS3: 5.5
ubuntu
около 10 лет назад

The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.

redhat логотип

CVE-2015-8731

redhat
около 10 лет назад

The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.

nvd логотип

CVE-2015-8731

CVSS3: 5.5
nvd
около 10 лет назад

The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.

github логотип

GHSA-c99w-6m8h-gq25

CVSS3: 5.5
github
больше 3 лет назад

The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.

suse-cvrf логотип

openSUSE-SU-2016:0054-1

suse-cvrf
около 10 лет назад

Security update for wireshark

EPSS

Процентиль: 77%
0.01042
Низкий