CVE-2024-8250

Опубликовано: 29 авг. 2024

Источник: debian

EPSS Низкий

Описание

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file

Пакет	Статус	Версия исправления	Релиз	Тип
wireshark	fixed	4.4.0-1		package
wireshark	fixed	4.0.17-0+deb12u1	bookworm	package

https://www.wireshark.org/security/wnpa-sec-2024-11.html
https://gitlab.com/wireshark/wireshark/-/issues/19943
Fixed by: https://gitlab.com/wireshark/wireshark/-/commit/66dcd56f1eae615697b6588ac4778a61a5576391 (v4.3.1)

EPSS

Процентиль: 2%

0.00014

Низкий

CVE-2024-8250

CVSS3: 7.8

ubuntu

10 месяцев назад

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file

CVE-2024-8250

CVSS3: 5.5

redhat

10 месяцев назад

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file

CVE-2024-8250

CVSS3: 7.8

nvd

10 месяцев назад

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file

SUSE-SU-2024:3333-1

suse-cvrf

9 месяцев назад

Security update for wireshark

GHSA-4xqj-427q-hf6q

CVSS3: 7.8

github

10 месяцев назад

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file

EPSS

Процентиль: 2%

0.00014

Низкий