VulDB: Wireshark up to 1.6.7 on SPARC/Itanium denial of service [CVE-2012-2394]
General
scipID: 5442
Affected: Wireshark up to 1.6.7
Published: 05/22/2012 (Klaus Heckelmann)
Risk: problematic
Entry: 87% complete
Created: 05/25/2012
Updated: 09/03/2012
Summary
A vulnerability classified as problematic has been found in Wireshark up to 1.6.7 (SPARC/Itanium). The affected function is unknown. Manipulation with an unknown input leads to a denial of service. This impacts availability.
The weakness was disclosed on 05/22/2012 by Klaus Heckelmann as advisory wnpa-sec-2012-10, published as a knowledge base article (website). The advisory is available for download at wireshark.org. The public release was coordinated with the vendor. The vulnerability has been tracked as CVE-2012-2394 since 04/19/2012. The attack can be launched remotely. Exploitation does not require any form of authentication. Technical details are unknown, but a private exploit is available.
Upgrading to version 1.6.8 eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability. The vulnerability is also documented in the databases at OSVDB (82100) and Secunia (SA49226).
CVSS
Base Score: 7.1 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
| Access Vector | Access Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Network | Medium | None | None | None | Complete |
Exploiting
Class: Denial of service
Local: No
Remote: Yes
Availability: Yes
Access: Private
Countermeasures
Recommended: Upgrade
Reaction Time: 0 days since reported
0-Day Time: 0 days since found
Exposure Time: 0 days since known
Upgrade: Wireshark 1.6.8
Timeline
04/19/2012 | CVE assigned
05/22/2012 | Advisory disclosed
05/22/2012 | Countermeasure disclosed
05/23/2012 | OSVDB entry created
05/25/2012 | VulDB entry created
09/03/2012 | VulDB entry updated
Sources
Advisory: wnpa-sec-2012-10
Researcher: Klaus Heckelmann
Coordinated: Yes
OSVDB: 82100
CVE: CVE-2012-2394 (mitre.org) (nist.org) (cvedetails.com)
Secunia: 49226