2009-04-01 12:30:00 2018-10-10 21:35:09

Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE
Wireshark 1.0.4 Wireshark 1.0.3 Wireshark 1.0.2 Wireshark 1.0.0 Wireshark 1.0.1 Wireshark Wireshark 1.0 (not an official CPE) Wireshark 0.99.8 Wireshark 0.99.7 Wireshark Wireshark 0.99.6a (not an official CPE) Wireshark 0.99.6 Wireshark 0.99.4 Wireshark 0.99.5 Wireshark 0.99.3 Wireshark 0.99.2 Wireshark Wireshark 0.99.1 (not an official CPE) Wireshark Wireshark 0.99.0 (not an official CPE) Wireshark Wireshark 0.99 (not an official CPE) Wireshark Wireshark 0.10.14 (not an official CPE) Wireshark Wireshark 0.10.13 (not an official CPE) Wireshark Wireshark 0.10.12 (not an official CPE) Wireshark Wireshark 0.10.11 (not an official CPE) Wireshark Wireshark 0.10.10 (not an official CPE) Wireshark Wireshark 0.10.9 (not an official CPE) Wireshark Wireshark 0.10.8 (not an official CPE) Wireshark Wireshark 0.10.7 (not an official CPE) Wireshark Wireshark 0.10.6 (not an official CPE) Wireshark Wireshark 0.10.5 (not an official CPE) Wireshark Wireshark 0.10.4 (not an official CPE) Wireshark Wireshark 0.10.3 (not an official CPE) Wireshark Wireshark 0.10.2 (not an official CPE) Wireshark Wireshark 0.10.1 (not an official CPE) Wireshark Wireshark 0.10 (not an official CPE) Wireshark Wireshark 0.9.14 (not an official CPE) Wireshark Wireshark 0.9.10 (not an official CPE) Wireshark Wireshark 0.9.8 (not an official CPE) Wireshark Wireshark 0.9.7 (not an official CPE) Wireshark Wireshark 0.9.5 (not an official CPE) Wireshark Wireshark 0.8.19 (not an official CPE) Wireshark Wireshark 0.8.16 (not an official CPE) Wireshark Wireshark 0.7.9 (not an official CPE) Wireshark Wireshark 0.6 (not an official CPE) Wireshark 1.0.5