Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-2281

Опубликовано: 07 мар. 2014
Источник: redhat
CVSS2: 6.8

Описание

The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 7wiresharkNot affected
Red Hat Enterprise Linux 5wiresharkFixedRHSA-2014:034131.03.2014
Red Hat Enterprise Linux 6wiresharkFixedRHSA-2014:034231.03.2014

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-119
https://bugzilla.redhat.com/show_bug.cgi?id=1074114wireshark: NFS dissector crash (wnpa-sec-2014-01)

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-2281

ubuntu
больше 11 лет назад

The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.

nvd логотип

CVE-2014-2281

nvd
больше 11 лет назад

The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.

debian логотип

CVE-2014-2281

debian
больше 11 лет назад

The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c i ...

github логотип

GHSA-c3gc-q6xc-6hv4

github
около 3 лет назад

The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.

oracle-oval логотип

ELSA-2014-0342

oracle-oval
около 11 лет назад

ELSA-2014-0342: wireshark security update (MODERATE)

6.8 Medium

CVSS2