PT-2018-2538 · Wireshark+2 · Wireshark+2

Publicado

2018-04-03

Atualizado

2024-06-15

CVE-2018-19623

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Wireshark versions 2.4.0 through 2.4.10 Wireshark versions 2.6.0 through 2.6.4

Description The issue is related to errors in handling input data in the LBMPDM dissector of the Wireshark network traffic analyzer. Exploitation of this issue could allow a remote attacker to cause a denial of service using a specially crafted packet or packet capture file. Additionally, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory.

Recommendations For Wireshark versions 2.4.0 through 2.4.10, update to a version where the LBMPDM dissector issue is addressed. For Wireshark versions 2.6.0 through 2.6.4, update to a version where the LBMPDM dissector issue is addressed. As a temporary workaround, consider disabling the LBMPDM dissector until a patch is available.

Exploit

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-189CWE-787

Identificadores relacionados

ALT-PU-2018-1549

ALT-PU-2018-2763

BDU:2019-00923

CVE-2018-19623

DLA-1634-1

DSA-4359-1

OPENSUSE-SU-2018_4307-1

OPENSUSE-SU-2020:0362-1

OPENSUSE-SU-2020_0362-1

OPENSUSE-SU-2024:11513-1

SUSE-SU-2018:4295-1

SUSE-SU-2018:4298-1

SUSE-SU-2020:0693-1

Produtos afetados

Alt Linux

Suse

Wireshark

PT-2018-2538 · Wireshark+2 · Wireshark+2

CVE-2018-19623

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 466