CVE-2023-6174

Опубликовано: 16 нояб. 2023

Источник: debian

Описание

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file

Пакет	Статус	Версия исправления	Релиз	Тип
wireshark	fixed	4.0.11-1		package
wireshark	not-affected		bullseye	package
wireshark	not-affected		buster	package

https://www.wireshark.org/security/wnpa-sec-2023-28.html
https://gitlab.com/wireshark/wireshark/-/issues/19369
Introduced by: https://gitlab.com/wireshark/wireshark/-/commit/a2f6b079f16e0dfa10a1eab82b13b52d8e173199 (v3.7.0)

CVE-2023-6174

CVSS3: 6.3

ubuntu

около 2 лет назад

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file

CVE-2023-6174

CVSS3: 4.3

redhat

около 2 лет назад

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file

CVE-2023-6174

CVSS3: 6.3

nvd

около 2 лет назад

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file

CVE-2023-6174

CVSS3: 6.5

msrc

5 месяцев назад

Out-of-bounds Read in Wireshark

GHSA-xx79-4755-jq22

CVSS3: 6.3

github

около 2 лет назад

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file