Описание
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.
Отчет
This issue did not affect the versions of wireshark as shipped with Red Hat Enterprise Linux 5 and 6. This issue affects the versions of wireshark as shipped with Red Hat Enterprise Linux 7.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | wireshark | Will not fix | ||
| Red Hat Enterprise Linux 6 | wireshark | Will not fix | ||
| Red Hat Enterprise Linux 7 | wireshark | Fix deferred | ||
| Red Hat Enterprise Linux 8 | wireshark | Fix deferred |
Показывать по
Дополнительная информация
Статус:
7.3 High
CVSS3
Связанные уязвимости
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and rel ...
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.
Уязвимость компонента ASN.1 BER диссектора анализатора трафика компьютерных сетей Wireshark, связанная с выходом операции за границы памяти, позволяющая нарушителю вызвать отказ в обслуживании
7.3 High
CVSS3