Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-8712

Опубликовано: 09 окт. 2014
Источник: redhat
CVSS2: 4.3
EPSS Низкий

Описание

The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Отчет

This issue affects the verison of wireshark as shipped with Red Hat Enterprsie Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5wiresharkWill not fix
Red Hat Enterprise Linux 6wiresharkFixedRHSA-2015:146021.07.2015
Red Hat Enterprise Linux 7wiresharkFixedRHSA-2015:239319.11.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1163582wireshark: NCP dissector crashes (wnpa-sec-2014-22)

EPSS

Процентиль: 75%
0.00836
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-8712

ubuntu
больше 11 лет назад

The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

nvd логотип

CVE-2014-8712

nvd
больше 11 лет назад

The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

debian логотип

CVE-2014-8712

debian
больше 11 лет назад

The build_expert_data function in epan/dissectors/packet-ncp2222.inc i ...

github логотип

GHSA-43xh-764p-9whg

github
почти 4 года назад

The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

oracle-oval логотип

ELSA-2015-1460

oracle-oval
больше 10 лет назад

ELSA-2015-1460: wireshark security, bug fix, and enhancement update (MODERATE)

EPSS

Процентиль: 75%
0.00836
Низкий

4.3 Medium

CVSS2