Уязвимость бесконечного цикла в диссекторе DTN в Wireshark при обработке сетевого трафика или файла захвата
Описание
В Wireshark существует уязвимость, связанная с возможным бесконечным циклом в диссекторе DTN. Эта проблема может быть вызвана сетевым трафиком или файлом захвата. Для решения данной проблемы разработчики реализовали проверку успешности оценки SDNV в файле epan/dissectors/packet-dtn.c.
Затронутые версии ПО
- Wireshark 2.2.0 до 2.2.1
- Wireshark 2.0.0 до 2.0.7
Тип уязвимости
Бесконечный цикл
Ссылки
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Issue Tracking
- Vendor Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Issue Tracking
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful.
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful.
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector coul ...
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful.
EPSS
5.9 Medium
CVSS3
4.3 Medium
CVSS2