7.8

CVE-2013-4927

Integer signedness error in the get_type_length function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
WiresharkWireshark Version1.8.0
WiresharkWireshark Version1.8.1
WiresharkWireshark Version1.8.2
WiresharkWireshark Version1.8.3
WiresharkWireshark Version1.8.4
WiresharkWireshark Version1.8.5
WiresharkWireshark Version1.8.6
WiresharkWireshark Version1.8.7
WiresharkWireshark Version1.8.8
WiresharkWireshark Version1.10.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.7% 0.883
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/54425
http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
http://rhn.redhat.com/errata/RHSA-2014-0341.html
http://secunia.com/advisories/54296
http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-btsdp.c?r1=50134&r2=50133&pathrev=50134
Patch
http://anonsvn.wireshark.org/viewvc?view=revision&revision=50134
Patch
http://lists.opensuse.org/opensuse-updates/2013-08/msg00004.html
http://lists.opensuse.org/opensuse-updates/2013-08/msg00009.html
http://secunia.com/advisories/54371
http://www.wireshark.org/docs/relnotes/wireshark-1.8.9.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8831
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17636
https://www.wireshark.org/security/wnpa-sec-2013-45.html
Vendor Advisory