Out-of-bounds read vulnerability in the Wireshark DHCP dissector
Description
In Wireshark versions 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, a vulnerability was found in the DHCP dissector, which could read data past the end of a buffer.
Affected software versions
- Wireshark 2.2.0 to 2.2.6
- Wireshark 2.0.0 to 2.0.12
Vulnerability type
Out-of-bounds read
Solution
The vulnerability was fixed in the file epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully.
CVSS3: 7.5 High
CVSS2: 5 Medium