PT-2018-10515 · Wireshark+2 · Wireshark+2

Peter Wu

Publicado

2018-04-03

Atualizado

2024-06-15

CVE-2018-11357

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Wireshark versions 2.2.0 through 2.2.14 Wireshark versions 2.4.0 through 2.4.6 Wireshark version 2.6.0

Description The issue concerns excessive memory consumption by the LTP dissector and other dissectors in Wireshark. This was resolved by rejecting negative lengths in epan/tvbuff.c.

Recommendations For Wireshark versions 2.2.0 through 2.2.14, update to a version that includes the fix in epan/tvbuff.c to prevent excessive memory consumption. For Wireshark versions 2.4.0 through 2.4.6, update to a version that includes the fix in epan/tvbuff.c to prevent excessive memory consumption. For Wireshark version 2.6.0, update to a version that includes the fix in epan/tvbuff.c to prevent excessive memory consumption.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

ALT-PU-2018-1549

ALT-PU-2018-1794

ALT-PU-2018-2487

CVE-2018-11357

DLA-1634-1

MGASA-2018-0266

OPENSUSE-SU-2018_1428-1

OPENSUSE-SU-2020:0362-1

OPENSUSE-SU-2020_0362-1

OPENSUSE-SU-2024:11513-1

SUSE-SU-2018:1988-1

SUSE-SU-2018:2412-1

SUSE-SU-2018:2891-1

SUSE-SU-2018:2891-2

SUSE-SU-2020:0693-1

Produtos afetados

Alt Linux

Suse

Wireshark

PT-2018-10515 · Wireshark+2 · Wireshark+2

CVE-2018-11357

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 530