CVE-2019-5721

Опубликовано: 08 янв. 2019

Источник: redhat

CVSS3: 7.5

Описание

In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided.

Отчет

This issue did not affect the versions of wireshark as shipped with Red Hat Enterprise Linux 5, 6, and 7.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	wireshark	Not affected
Red Hat Enterprise Linux 6	wireshark	Not affected
Red Hat Enterprise Linux 7	wireshark	Not affected
Red Hat Enterprise Linux 8	wireshark	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-416

https://bugzilla.redhat.com/show_bug.cgi?id=1666277wireshark: use-after-free in ENIP dissector results in denial of service

7.5 High

CVSS3

Связанные уязвимости

CVE-2019-5721

CVSS3: 5.5

ubuntu

около 7 лет назад

In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided.

CVE-2019-5721

CVSS3: 5.5

nvd

около 7 лет назад

In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided.

CVE-2019-5721

CVSS3: 5.5

debian

около 7 лет назад

In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was ...

GHSA-7gxq-23xx-mvh2

CVSS3: 5.5

github

больше 3 лет назад

In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided.

BDU:2020-02717

CVSS3: 5.5

fstec

около 7 лет назад

Уязвимость диссектора ENIP анализатора трафика компьютерных сетей Wireshark, позволяющая нарушителю вызвать отказ в обслуживании

7.5 High

CVSS3