CVE-2024-8250

Опубликовано: 29 авг. 2024

Источник: debian

EPSS Низкий

Описание

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file

Пакет	Статус	Версия исправления	Релиз	Тип
wireshark	fixed	4.4.0-1		package
wireshark	fixed	4.0.17-0+deb12u1	bookworm	package

https://www.wireshark.org/security/wnpa-sec-2024-11.html
https://gitlab.com/wireshark/wireshark/-/issues/19943
Fixed by: https://gitlab.com/wireshark/wireshark/-/commit/66dcd56f1eae615697b6588ac4778a61a5576391 (v4.3.1)

EPSS

Процентиль: 2%

0.00014

Низкий

CVE-2024-8250

CVSS3: 7.8

ubuntu

около 1 года назад

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file

CVE-2024-8250

CVSS3: 5.5

redhat

около 1 года назад

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file

CVE-2024-8250

CVSS3: 7.8

nvd

около 1 года назад

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file

CVE-2024-8250

CVSS3: 5.5

msrc

2 месяца назад

Описание отсутствует

SUSE-SU-2024:3333-1

suse-cvrf

12 месяцев назад

Security update for wireshark

EPSS

Процентиль: 2%

0.00014

Низкий