Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3548

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-3548
Last Modified 23 Sep 2014 01:26:05
Published 30 Aug 2012 06:55:05
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-3548

Summary

The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a small value for a certain length field in a capture file.

Vulnerable Systems

Application

  • Wireshark 1.6.0

  • Wireshark 1.6.1

  • Wireshark 1.6.10

  • Wireshark 1.6.2

  • Wireshark 1.6.3

  • Wireshark 1.6.4

  • Wireshark 1.6.5

  • Wireshark 1.6.6

  • Wireshark 1.6.7

  • Wireshark 1.6.8

  • Wireshark 1.6.9

  • Wireshark 1.8.0

  • Wireshark 1.8.1

  • Wireshark 1.8.2


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=849926

CONFIRM - https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7666

MLIST - [oss-security] 20120829 Re: CVE Request -- wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector

SECTRACK - 1027464

GENTOO - GLSA-201308-05

SECUNIA - 54425


Last Updated: 27 May 2016 11:00:26