PT-2019-5364 · Wireshark+3 · Wireshark+3

Publicado

2018-04-03

Atualizado

2024-06-15

CVE-2019-10896

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Wireshark versions 2.4.0 through 2.4.13 Wireshark versions 2.6.0 through 2.6.7 Wireshark version 3.0.0

Description The issue is related to errors in resource management in the DOF Dissector component of the Wireshark network traffic analyzer. It could allow a remote attacker to cause a denial of service. The problem was addressed by properly handling generated IID and OID bytes in the dissector.

Recommendations For Wireshark versions 2.4.0 through 2.4.13, update the epan/dissectors/packet-dof.c file to properly handle generated IID and OID bytes. For Wireshark versions 2.6.0 through 2.6.7, update the epan/dissectors/packet-dof.c file to properly handle generated IID and OID bytes. For Wireshark version 3.0.0, update the epan/dissectors/packet-dof.c file to properly handle generated IID and OID bytes.

Exploit

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399CWE-787

Identificadores relacionados

ALT-PU-2018-1549

ALT-PU-2019-1633

BDU:2020-02571

CVE-2019-10896

DLA-2423-1

OPENSUSE-SU-2019:1356-1

OPENSUSE-SU-2019_1356-1

OPENSUSE-SU-2019_1390-1

OPENSUSE-SU-2020:0362-1

OPENSUSE-SU-2020_0362-1

OPENSUSE-SU-2024:11513-1

SUSE-SU-2019:1036-1

SUSE-SU-2019:1038-1

SUSE-SU-2020:0693-1

USN-3986-1

Produtos afetados

Alt Linux

Suse

Ubuntu

Wireshark

PT-2019-5364 · Wireshark+3 · Wireshark+3

CVE-2019-10896

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 464