Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce - Wireshark 1: seven vulnerabilities

April 2016 by Vigil@nce

SYNTHESIS OF THE VULNERABILITY

An attacker can use several vulnerabilities of Wireshark 1.

Impacted products: Debian, openSUSE, openSUSE Leap, Solaris,
Wireshark.

Severity: 2/4.

Creation date: 29/02/2016.

DESCRIPTION OF THE VULNERABILITY

Several vulnerabilities were announced in Wireshark 1.

An attacker can use a DLL Hijacking vulnerability, in order to run
code. [severity:2/4; CVE-2016-2521, wnpa-sec-2016-01]

An attacker can generate an infinite loop in DNP3, in order to
trigger a denial of service. [severity:2/4; CVE-2016-2523,
wnpa-sec-2016-03]

An attacker can send a malicious RSL packet, in order to trigger a
denial of service. [severity:2/4; CVE-2016-2530, CVE-2016-2531,
wnpa-sec-2016-10]

An attacker can send a malicious LLRP packet, in order to trigger
a denial of service. [severity:2/4; CVE-2016-2532,
wnpa-sec-2016-11]

An attacker can send a malicious GSM A-bis OML packet, in order to
trigger a denial of service. [severity:2/4; wnpa-sec-2016-14]

An attacker can send a malicious ASN.1 BER packet, in order to
trigger a denial of service. [severity:2/4; wnpa-sec-2016-15]

An attacker can send a malicious ASN.1 BER packet, in order to
trigger a denial of service. [severity:2/4; wnpa-sec-2016-18]

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

https://vigilance.fr/vulnerability/Wireshark-1-seven-vulnerabilities-19043


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts