Уязвимость CVE-2013-1575: Информация

Описание

The dissect_r3_cmd_alarmconfigure function in epan/dissectors/packet-assa_r3.c in the R3 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a certain alarm length, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.

Важность: LOW (2,9)

Исправленные пакеты

Ссылки на рекомендации, решения и инструменты

1. Подверженные конфигурации:

   1. Конфигурация 1

      cpe:2.3:a:wireshark:wireshark:1.6.0:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:wireshark:wireshark:1.6.12:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:wireshark:wireshark:1.6.4:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:wireshark:wireshark:1.6.8:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:wireshark:wireshark:1.6.5:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:wireshark:wireshark:1.6.3:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:wireshark:wireshark:1.6.7:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:wireshark:wireshark:1.6.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:wireshark:wireshark:1.6.6:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:wireshark:wireshark:1.6.11:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:wireshark:wireshark:1.6.2:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:wireshark:wireshark:1.6.9:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:wireshark:wireshark:1.6.10:*:*:*:*:*:*:*

      ---

      Конфигурация 2

      cpe:2.3:a:wireshark:wireshark:1.8.2:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:wireshark:wireshark:1.8.3:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:wireshark:wireshark:1.8.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:wireshark:wireshark:1.8.0:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:wireshark:wireshark:1.8.4:*:*:*:*:*:*:*

      ---