3.3

CVE-2012-5237

The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
WiresharkWireshark Version1.8.0
WiresharkWireshark Version1.8.1
WiresharkWireshark Version1.8.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.89% 0.545
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 3.3 6.5 2.9
AV:A/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-hsrp.c?r1=44454&r2=44453&pathrev=44454
http://anonsvn.wireshark.org/viewvc?view=revision&revision=44454
Patch
http://osvdb.org/85884
http://www.securityfocus.com/bid/55754
http://www.securitytracker.com/id?1027604
http://www.wireshark.org/security/wnpa-sec-2012-26.html
Vendor Advisory
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7581
https://exchange.xforce.ibmcloud.com/vulnerabilities/79009
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14992