CVE-2019-10903

Опубликовано: 09 апр. 2019

Источник: debian

Описание

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
wireshark	fixed	2.6.8-1		package

Примечания

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15568
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=eafdcfa4b6d5187a5326442a82608ab03d9dddcb
https://www.wireshark.org/security/wnpa-sec-2019-18.html

Связанные уязвимости

CVE-2019-10903

CVSS3: 7.5

ubuntu

почти 7 лет назад

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.

CVE-2019-10903

CVSS3: 6.5

redhat

почти 7 лет назад

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.

CVE-2019-10903

CVSS3: 7.5

nvd

почти 7 лет назад

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.

GHSA-w5c3-5252-xcj8

CVSS3: 7.5

github

больше 3 лет назад

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.

BDU:2020-02574

CVSS3: 7.5

fstec

почти 7 лет назад

Уязвимость в диссекторе протокола Microsoft Spool Subsystem анализатора трафика компьютерных сетей Wireshark, позволяющая нарушителю вызвать отказ в обслуживании