CVE-2012-5598

Опубликовано: 28 нояб. 2012

Источник: redhat

CVSS2: 4.3

Описание

[REJECTED CVE] An integer overflow vulnerability has been identified in the dissect_iscsi_pdu() function in epan/dissectors/packet-iscsi.c in the iSCSI dissector in Wireshark. A remote attacker could provide a specially-crafted iSCSI packet / packet capture that, once processed, would lead to excessive CPU consumption or into situation where tshark executable would enter an infinite loop, when trying to process the crafted packet / packet capture file.

Отчет

This CVE has been rejected. This candidate is a duplicate of CVE-2012-6060. Note: All CVE users should reference CVE-2012-6060 instead of this candidate.

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-835

https://bugzilla.redhat.com/show_bug.cgi?id=881771wireshark: DoS (infinite loop) in the iSCSI dissector (wnpa-sec-2012-36)

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2012-5598

nvd

больше 12 лет назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6060. Reason: This candidate is a reservation duplicate of CVE-2012-6060. Notes: All CVE users should reference CVE-2012-6060 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

ELSA-2014-0341

oracle-oval

около 11 лет назад

ELSA-2014-0341: wireshark security update (MODERATE)

ELSA-2013-1569

oracle-oval

больше 11 лет назад

ELSA-2013-1569: wireshark security, bug fix, and enhancement update (MODERATE)

4.3 Medium

CVSS2