Computer Security
[EN] securityvulns.ru no-pyccku


Wireshark DoS
Published:24.12.2013
Source:
SecurityVulns ID:13466
Type:remote
Threat Level:
5/10
Description:Problems with NTLMSSPv2 and BSSGP dissectors.
Affected:WIRESHARK : Wireshark 1.10
CVE:CVE-2013-7114 (Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service (application crash) via a long domain name in a packet.)
 CVE-2013-7113 (epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2825-1] wireshark security update (24.12.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod