PT-2017-17924 · Wireshark+2 · Wireshark+2

Publicado

2017-04-12

Atualizado

2024-06-15

CVE-2017-7747

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Wireshark versions 2.0.0 through 2.0.11 Wireshark versions 2.2.0 through 2.2.5

Description The issue is related to the PacketBB dissector, which could crash due to packet injection or a malformed capture file. This crash was triggered by uncontrolled additions to the protocol tree.

Recommendations For Wireshark versions 2.0.0 through 2.0.11, update to a version where the issue is fixed by restricting additions to the protocol tree in epan/dissectors/packet-packetbb.c. For Wireshark versions 2.2.0 through 2.2.5, update to a version where the issue is fixed by restricting additions to the protocol tree in epan/dissectors/packet-packetbb.c.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

ALT-PU-2017-1470

CVE-2017-7747

DLA-1634-1

OPENSUSE-SU-2024:11513-1

SUSE-SU-2017:1174-1

SUSE-SU-2017:1442-1

Produtos afetados

Alt Linux

Suse

Wireshark

PT-2017-17924 · Wireshark+2 · Wireshark+2

CVE-2017-7747

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 296