Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2014-2281

Опубликовано: 11 мар. 2014
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3

Описание

The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.

РелизСтатусПримечание
devel

released

1.10.6-1
esm-apps/xenial

released

1.10.6-1
esm-infra-legacy/trusty

not-affected

1.10.6-1
lucid

ignored

end of life
precise

ignored

end of life
precise/esm

DNE

precise was needed
quantal

ignored

end of life
saucy

ignored

end of life
trusty

released

1.10.6-1
trusty/esm

not-affected

1.10.6-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 87%
0.03333
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2014-2281

redhat
больше 11 лет назад

The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.

nvd логотип

CVE-2014-2281

nvd
больше 11 лет назад

The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.

debian логотип

CVE-2014-2281

debian
больше 11 лет назад

The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c i ...

github логотип

GHSA-c3gc-q6xc-6hv4

github
около 3 лет назад

The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.

oracle-oval логотип

ELSA-2014-0342

oracle-oval
около 11 лет назад

ELSA-2014-0342: wireshark security update (MODERATE)

EPSS

Процентиль: 87%
0.03333
Низкий

4.3 Medium

CVSS2

Уязвимость CVE-2014-2281