CVE-2013-3561

2013-05-25 05:18:16 2018-10-30 17:27:34

Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

COMPLETE

Opensuse Opensuse 11.4 (not an official CPE) Debian Linux 7.0 Opensuse Opensuse 12.2 (not an official CPE) Opensuse Opensuse 12.3 (not an official CPE)

Wireshark 1.8.6 Wireshark 1.8.5 Wireshark 1.8.4 Wireshark 1.8.3 Wireshark 1.8.2 Wireshark 1.8.1 Wireshark 1.8.0

Opensuse - Opensuse Debian - Debian linux Wireshark - Wireshark

Advisory	Patch	Confirmed	Link
			https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8464
			https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8458
			http://www.wireshark.org/security/wnpa-sec-2013-31.html
			https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8448
			http://www.wireshark.org/security/wnpa-sec-2013-30.html
			http://www.wireshark.org/security/wnpa-sec-2013-29.html
			GLSA-201308-05
			openSUSE-SU-2013:1086
			openSUSE-SU-2013:1084
			openSUSE-SU-2013:0911
			openSUSE-SU-2013:0947
			http://anonsvn.wireshark.org/viewvc?view=revision&revisi...
			http://anonsvn.wireshark.org/viewvc?view=revision&revisi...
			http://anonsvn.wireshark.org/viewvc?view=revision&revisi...
			http://anonsvn.wireshark.org/viewvc/trunk/epan/dissector...
			http://anonsvn.wireshark.org/viewvc/trunk/epan/dissector...
			http://anonsvn.wireshark.org/viewvc/trunk/epan/dissector...

CVE-2013-3561

2013-05-25 05:18:16 2018-10-30 17:27:34

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)