CVE-2018-5336

Опубликовано: 11 янв. 2018

Источник: redhat

CVSS3: 5.9

Описание

In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	wireshark	Will not fix
Red Hat Enterprise Linux 7	wireshark	Will not fix
Red Hat Enterprise Linux 8	wireshark	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=1534374wireshark: Missing recursion limit in epan/tvbparse.c can cause multiple dissectors to crash

5.9 Medium

CVSS3

Связанные уязвимости

CVE-2018-5336

CVSS3: 7.5

ubuntu

около 8 лет назад

In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth.

CVE-2018-5336

CVSS3: 7.5

nvd

около 8 лет назад

In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth.

CVE-2018-5336

CVSS3: 7.5

debian

около 8 лет назад

In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, X ...

GHSA-7xxh-26w2-h47g

CVSS3: 7.5

github

больше 3 лет назад

In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth.

openSUSE-SU-2018:0090-1

suse-cvrf

около 8 лет назад

Security update for wireshark

5.9 Medium

CVSS3