![]() SecurityFocus: 55035 - Wireshark Versions Prior to 1.8. Vulnerability Center: 36197 - Wireshark 1.8.x Before 1.8.2 \x27pcapng_read_packet_block\x27() Remote DoS via a Crafted PCAP-NG file, Medium SecurityTracker: 1027404 - Wireshark Multiple Bugs Let Remote Users Deny Service and Execute Arbitrary Code Upgrade: Wireshark 1.8.2 Timeline info ? ![]() Nessus Name: Fedora 18 : wireshark-1.8.2-1.fc18 (2012-11981)Īctive APT Groups: ? Countermeasures info Recommended: Upgrade Similar entries are available at 5989, 5990, 59. Wireshark uses the pcapng file format as the default format to save captured packets. The vulnerability is also documented in the databases at X-Force ( 77781), SecurityTracker ( ID 1027404), Vulnerability Center ( SBV-36197) and Tenable ( 62131). A possible mitigation has been published immediately after the disclosure of the vulnerability. Upgrading to version 1.8.2 eliminates this vulnerability. The commercial vulnerability scanner Qualys is able to test this issue with plugin 120909 (Solaris 11 Support Repository Update (SRU) 13.4 Missing). ![]() It is assigned to the family Fedora Local Security Checks. The vulnerability scanner Nessus provides a plugin with the ID 62131 (Fedora 18 : wireshark-1.8.2-1.fc18 (2012-11981)), which helps to determine the existence of the flaw in a target environment. Technical details of the vulnerability are known, but there is no available exploit. The exploitation doesn't need any form of authentication. This vulnerability is known as CVE-2012-4286 since. The public release has been coordinated with the project team. The weakness was published by Stefan Cornelius as wnpa-sec-2012-24 as confirmed bulletin (Website). As an impact it is known to affect availability. The CWE definition for the vulnerability is CWE-189. The manipulation with an unknown input leads to a numeric error vulnerability. Affected by this vulnerability is the function pcapng_read_packet_block of the file wiretap/pcapng.c of the component pcap-ng File Parser. A high score indicates an elevated risk to be targeted for this vulnerability.Ī vulnerability classified as problematic was found in Wireshark 1.8.0/1.8.1 ( Packet Analyzer Software). The CTI Interest Score identifies the interest of attackers and the security community for this specific vulnerability in real-time. ![]() Our Cyber Threat Intelligence team is monitoring different web sites, mailing lists, exploit markets and social media networks.
0 Comments
Leave a Reply. |