CVE-2012-6056

2012-12-05 12:57:20 2017-09-19 03:35:32

Integer overflow in the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted Duplicate TSN count.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL

Wireshark 1.8.3 Wireshark 1.8.2 Wireshark 1.8.1 Wireshark 1.8.0

Wireshark - Wireshark

Advisory	Patch	Confirmed	Link
			RHSA-2014:0341
			http://www.wireshark.org/security/wnpa-sec-2012-33.html
			openSUSE-SU-2013:0151
			openSUSE-SU-2012:1633
			http://anonsvn.wireshark.org/viewvc?view=revision&revisi...
			http://anonsvn.wireshark.org/viewvc/trunk/epan/dissector...
			https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7802

CVE-2012-6056

2012-12-05 12:57:20 2017-09-19 03:35:32

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)