Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-2528

Опубликовано: 26 фев. 2016
Источник: redhat
CVSS2: 4.3
EPSS Низкий

Описание

The dissect_nhdr_extopt function in epan/dissectors/packet-lbmc.c in the LBMC dissector in Wireshark 2.0.x before 2.0.2 does not validate length values, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5wiresharkNot affected
Red Hat Enterprise Linux 6wiresharkNot affected
Red Hat Enterprise Linux 7wiresharkNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1312785wireshark: LBMC dissector crash (wnpa-sec-2016-08)

EPSS

Процентиль: 44%
0.00213
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-2528

CVSS3: 5.9
ubuntu
почти 10 лет назад

The dissect_nhdr_extopt function in epan/dissectors/packet-lbmc.c in the LBMC dissector in Wireshark 2.0.x before 2.0.2 does not validate length values, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.

nvd логотип

CVE-2016-2528

CVSS3: 5.9
nvd
почти 10 лет назад

The dissect_nhdr_extopt function in epan/dissectors/packet-lbmc.c in the LBMC dissector in Wireshark 2.0.x before 2.0.2 does not validate length values, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.

debian логотип

CVE-2016-2528

CVSS3: 5.9
debian
почти 10 лет назад

The dissect_nhdr_extopt function in epan/dissectors/packet-lbmc.c in t ...

github логотип

GHSA-4c7r-2m52-xmv2

CVSS3: 5.9
github
больше 3 лет назад

The dissect_nhdr_extopt function in epan/dissectors/packet-lbmc.c in the LBMC dissector in Wireshark 2.0.x before 2.0.2 does not validate length values, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.

EPSS

Процентиль: 44%
0.00213
Низкий

4.3 Medium

CVSS2