Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
FreeBSD Ports: wireshark
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update to the system as announced in the referenced advisory.
Insight
Insight
The following packages are affected: wireshark wireshark-lite tshark tshark-lite CVE-2012-5237 The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. CVE-2012-5238 epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of (1) PPP and (2) LCP data, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a malformed packet. CVE-2012-5240 Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malformed packet.
Solution
Solution
Update your system with the appropriate patches or software upgrades.
Common Vulnerabilities and Exposures (CVE)
References
- http://www.wireshark.org/security/wnpa-sec-2012-26.html
- http://www.wireshark.org/security/wnpa-sec-2012-27.html
- http://www.wireshark.org/security/wnpa-sec-2012-28.html
- http://www.wireshark.org/security/wnpa-sec-2012-29.html
- http://www.wireshark.org/docs/relnotes/wireshark-1.8.3.html
- http://www.vuxml.org/freebsd/a7706414-1be7-11e2-9aad-902b343deec9.html