Wireshark FCSP Dissector CVE-2013-2485 Denial of Service Vulnerability
BID:58362
Info
Wireshark FCSP Dissector CVE-2013-2485 Denial of Service Vulnerability
| Bugtraq ID: | 58362 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2013-2485 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 06 2013 12:00AM |
| Updated: | Apr 09 2013 01:58PM |
| Credit: | Moshe Kaplan |
| Vulnerable: |
Wireshark Wireshark 1.6.8 Wireshark Wireshark 1.6.7 Wireshark Wireshark 1.6.6 Wireshark Wireshark 1.6.5 Wireshark Wireshark 1.6.4 Wireshark Wireshark 1.6.3 Wireshark Wireshark 1.6.2 Wireshark Wireshark 1.6.1 Wireshark Wireshark 1.6 MandrakeSoft Enterprise Server 5 x86_64 MandrakeSoft Enterprise Server 5 |
| Not Vulnerable: | |
Discussion
Wireshark FCSP Dissector CVE-2013-2485 Denial of Service Vulnerability
Wireshark is prone to a remote denial-of-service vulnerability because it fails to properly handle certain types of packets.
Attackers can exploit this issue to cause the application to crash, resulting in denial-of-service conditions.
Wireshark versions 1.8.0 through 1.8.5 and 1.6.0 through 1.6.13 are vulnerable.
Wireshark is prone to a remote denial-of-service vulnerability because it fails to properly handle certain types of packets.
Attackers can exploit this issue to cause the application to crash, resulting in denial-of-service conditions.
Wireshark versions 1.8.0 through 1.8.5 and 1.6.0 through 1.6.13 are vulnerable.
Solution / Fix
Wireshark FCSP Dissector CVE-2013-2485 Denial of Service Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Wireshark FCSP Dissector CVE-2013-2485 Denial of Service Vulnerability
References:
References:
- Wireshark 1.6.14 Release Notes (Wireshark)
- Wireshark 1.8.6 Release Notes (Wireshark)
- Wireshark Homepage (Wireshark)
- FCSP dissector infinite loop (Wireshark)