CVE-2017-7700

Sažetak

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size.

Reference

https://www.wireshark.org/security/wnpa-sec-2017-14.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13478
http://www.securityfocus.com/bid/97631
https://security.gentoo.org/glsa/201706-12
http://www.securitytracker.com/id/1038262
https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=8fc0af859de4993951a915ad735be350221f3f53

CVSS

Base:	7.1
Impact:	6.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:N/A:C

Zadnje važnije ažuriranje

07-11-2023 - 02:50

Objavljeno

12-04-2017 - 23:59