PT-2012-6246 · Wireshark · Wireshark
Published
2012-12-05
·
Updated
2017-09-19
·
CVE-2012-6057
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Wireshark versions 1.8.x through 1.8.3
Description
The issue is related to the dissect eigrp metric comm function in the EIGRP dissector, which uses the wrong data type for a certain offset value. This allows remote attackers to cause a denial of service via a malformed packet, resulting in an integer overflow and infinite loop.
Recommendations
For Wireshark versions 1.8.x through 1.8.3, update to version 1.8.4 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wireshark