CVE-2017-6014

Sažetak

In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory.

Reference

http://www.debian.org/security/2017/dsa-3811
http://www.securityfocus.com/bid/96284
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13416
https://security.gentoo.org/glsa/201706-12

CVSS

Base:	7.8
Impact:	6.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Zadnje važnije ažuriranje

03-10-2019 - 00:03

Objavljeno

17-02-2017 - 07:59