Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4048

Overview

Vulnerability Score 3.3 3.3
CVE Id CVE-2012-4048
Last Modified 23 Sep 2014 01:26:54
Published 24 Jul 2012 03:55:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector ADJACENT_NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4048

Summary

The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted packet, as demonstrated by a usbmon dump.

Vulnerable Systems

Application

  • Wireshark 1.4.0

  • Wireshark 1.4.1

  • Wireshark 1.4.10

  • Wireshark 1.4.11

  • Wireshark 1.4.12

  • Wireshark 1.4.13

  • Wireshark 1.4.2

  • Wireshark 1.4.3

  • Wireshark 1.4.4

  • Wireshark 1.4.5

  • Wireshark 1.4.6

  • Wireshark 1.4.7

  • Wireshark 1.4.8

  • Wireshark 1.4.9

  • Wireshark 1.6.0

  • Wireshark 1.6.1

  • Wireshark 1.6.2

  • Wireshark 1.6.3

  • Wireshark 1.6.4

  • Wireshark 1.6.5

  • Wireshark 1.6.6

  • Wireshark 1.6.7

  • Wireshark 1.6.8

  • Wireshark 1.8.0


References

CONFIRM - http://www.wireshark.org/security/wnpa-sec-2012-11.html

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680056

SUSE - openSUSE-SU-2012:0930

DEBIAN - DSA-2590

GENTOO - GLSA-201308-05

SECUNIA - 54425

SECUNIA - 49971

Related Patches

Novell SUSE 2012:6760 wireshark security update for SLE 11 SP2 i586

Novell SUSE 2012:6760 wireshark security update for SLE 11 SP2 x86_64

Novell SUSE 2012:8267 wireshark security update for SLE 10 SP4 i586

Novell SUSE 2012:8267 wireshark security update for SLE 10 SP4 x86_64


Last Updated: 27 May 2016 11:06:27