Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-8712

Опубликовано: 09 окт. 2014
Источник: redhat
CVSS2: 4.3

Описание

The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Отчет

This issue affects the verison of wireshark as shipped with Red Hat Enterprsie Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5wiresharkWill not fix
Red Hat Enterprise Linux 6wiresharkFixedRHSA-2015:146021.07.2015
Red Hat Enterprise Linux 7wiresharkFixedRHSA-2015:239319.11.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1163582wireshark: NCP dissector crashes (wnpa-sec-2014-22)

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-8712

ubuntu
почти 11 лет назад

The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

nvd логотип

CVE-2014-8712

nvd
почти 11 лет назад

The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

debian логотип

CVE-2014-8712

debian
почти 11 лет назад

The build_expert_data function in epan/dissectors/packet-ncp2222.inc i ...

github логотип

GHSA-43xh-764p-9whg

github
больше 3 лет назад

The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

oracle-oval логотип

ELSA-2015-1460

oracle-oval
около 10 лет назад

ELSA-2015-1460: wireshark security, bug fix, and enhancement update (MODERATE)

4.3 Medium

CVSS2