PT-2016-7740 · Wireshark+2 · Wireshark+2

Publicado

2016-11-17

Atualizado

2024-06-15

CVE-2016-9376

CVSS v3.1

5.9

Média

Vetor

AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Wireshark versions 2.0.0 through 2.0.7 Wireshark versions 2.2.0 through 2.2.1

Description The issue concerns a crash with memory exhaustion in the OpenFlow dissector, triggered by network traffic or a capture file. This occurs due to insufficiently large length values.

Recommendations For Wireshark versions 2.0.0 through 2.0.7, update to a version where the issue is fixed by ensuring that certain length values in the OpenFlow dissector are sufficiently large. For Wireshark versions 2.2.0 through 2.2.1, update to a version where the issue is fixed by ensuring that certain length values in the OpenFlow dissector are sufficiently large.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399

Identificadores relacionados

ALT-PU-2016-2325

CVE-2016-9376

DLA-714-1

DSA-3719-1

MGASA-2016-0391

OPENSUSE-SU-2024:10199-1

SUSE-SU-2017:1174-1

SUSE-SU-2017:1442-1

Produtos afetados

Alt Linux

Suse

Wireshark

PT-2016-7740 · Wireshark+2 · Wireshark+2

CVE-2016-9376

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 342