Wireshark 多个拒绝服务漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1114863 漏洞类型
发布时间 2008-03-28 更新时间 2009-02-10
CVE编号 CVE-2008-1561 CNNVD-ID CNNVD-200803-486
漏洞平台 Linux CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/31552
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200803-486
|漏洞详情
Wireshark之前名为Ethereal,是一款非常流行的网络协议分析工具。Wireshark的X.509sat、Roofnet、LDAP和SCCP协议处理模块中存在多个拒绝服务漏洞,如果用户通过抓包或抓包文件处理了特制报文的话,就可能导致应用程序崩溃或耗尽大量内存。
|漏洞EXP
source: http://www.securityfocus.com/bid/28485/info

Wireshark is prone to multiple denial-of-service vulnerabilities.

Exploiting these issues may allow attackers to cause crashes and deny service to legitimate users of the application. Attackers may be able to leverage some of these vulnerabilities to execute arbitrary code, but this has not been confirmed.

These issues affect Wireshark 0.99.2 up to and including 0.99.8. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/31552.pcap
|参考资料

来源:FEDORA
名称:FEDORA-2008-3040
链接:https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00228.html
来源:FEDORA
名称:FEDORA-2008-2941
链接:https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00140.html
来源:issues.rpath.com
链接:https://issues.rpath.com/browse/RPL-2418
来源:XF
名称:wireshark-roofnet-dissector-dos(41515)
链接:http://xforce.iss.net/xforce/xfdb/41515
来源:XF
名称:wireshark-x509sat-dissector-dos(41514)
链接:http://xforce.iss.net/xforce/xfdb/41514
来源:www.wireshark.org
链接:http://www.wireshark.org/security/wnpa-sec-2008-02.html
来源:SECTRACK
名称:1019728
链接:http://www.securitytracker.com/id?1019728
来源:BID
名称:28485
链接:http://www.securityfocus.com/bid/28485
来源:BUGTRAQ
名称:20080404rPSA-2008-0138-1tsharkwireshark
链接:http://www.securityfocus.com/archive/1/archive/1/490487/100/0/threaded
来源:REDHAT
名称:RHSA-2008:0890
链接:http://www.redhat.com/support/errata/RHSA-2008-0890.html
来源:MANDRIVA
名称:MDVSA-2008:091
链接:http://www.mandriva.com/security/advisories?name=MDVSA-2008:091
来源:GEN