Lucene search
MitreCVE-2012-4048HistoryJul 24, 2012 - 7:55 p.m.
CVE-2012-4048
2012-07-2419:55:00
CWE-94
mitre
web.nvd.nist.gov
44
wireshark
ppp
denial of service
cve-2012-4048
nvd
CVSS2
3.3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.2
Confidence
Low
EPSS
0.003
Percentile
65.7%
The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted packet, as demonstrated by a usbmon dump.
Affected configurations
Node
wiresharkwiresharkMatch1.4.0
ORwiresharkwiresharkMatch1.4.0itanium
ORwiresharkwiresharkMatch1.4.0sparc
ORwiresharkwiresharkMatch1.4.1
ORwiresharkwiresharkMatch1.4.1itanium
ORwiresharkwiresharkMatch1.4.1sparc
ORwiresharkwiresharkMatch1.4.2
ORwiresharkwiresharkMatch1.4.2itanium
ORwiresharkwiresharkMatch1.4.2sparc
ORwiresharkwiresharkMatch1.4.3
ORwiresharkwiresharkMatch1.4.3itanium
ORwiresharkwiresharkMatch1.4.3sparc
ORwiresharkwiresharkMatch1.4.4
ORwiresharkwiresharkMatch1.4.4itanium
ORwiresharkwiresharkMatch1.4.4sparc
ORwiresharkwiresharkMatch1.4.5
ORwiresharkwiresharkMatch1.4.5itanium
ORwiresharkwiresharkMatch1.4.5sparc
ORwiresharkwiresharkMatch1.4.6
ORwiresharkwiresharkMatch1.4.6itanium
ORwiresharkwiresharkMatch1.4.6sparc
ORwiresharkwiresharkMatch1.4.7
ORwiresharkwiresharkMatch1.4.7itanium
ORwiresharkwiresharkMatch1.4.7sparc
ORwiresharkwiresharkMatch1.4.8
ORwiresharkwiresharkMatch1.4.8itanium
ORwiresharkwiresharkMatch1.4.8sparc
ORwiresharkwiresharkMatch1.4.9
ORwiresharkwiresharkMatch1.4.9itanium
ORwiresharkwiresharkMatch1.4.9sparc
ORwiresharkwiresharkMatch1.4.10
ORwiresharkwiresharkMatch1.4.10itanium
ORwiresharkwiresharkMatch1.4.10sparc
ORwiresharkwiresharkMatch1.4.11
ORwiresharkwiresharkMatch1.4.11itanium
ORwiresharkwiresharkMatch1.4.11sparc
ORwiresharkwiresharkMatch1.4.12
ORwiresharkwiresharkMatch1.4.12itanium
ORwiresharkwiresharkMatch1.4.12sparc
ORwiresharkwiresharkMatch1.4.13
ORwiresharkwiresharkMatch1.4.13itanium
ORwiresharkwiresharkMatch1.4.13sparc
Node
debiandebian_linuxMatch6.0
Node
wiresharkwiresharkMatch1.8.0
ORwiresharkwiresharkMatch1.8.0itanium
ORwiresharkwiresharkMatch1.8.0sparc
Node
wiresharkwiresharkMatch1.6.0
ORwiresharkwiresharkMatch1.6.0itanium
ORwiresharkwiresharkMatch1.6.0sparc
ORwiresharkwiresharkMatch1.6.1
ORwiresharkwiresharkMatch1.6.1itanium
ORwiresharkwiresharkMatch1.6.1sparc
ORwiresharkwiresharkMatch1.6.2
ORwiresharkwiresharkMatch1.6.2itanium
ORwiresharkwiresharkMatch1.6.2sparc
ORwiresharkwiresharkMatch1.6.3
ORwiresharkwiresharkMatch1.6.3itanium
ORwiresharkwiresharkMatch1.6.3sparc
ORwiresharkwiresharkMatch1.6.4
ORwiresharkwiresharkMatch1.6.4itanium
ORwiresharkwiresharkMatch1.6.4sparc
ORwiresharkwiresharkMatch1.6.5
ORwiresharkwiresharkMatch1.6.5itanium
ORwiresharkwiresharkMatch1.6.5sparc
ORwiresharkwiresharkMatch1.6.6
ORwiresharkwiresharkMatch1.6.6itanium
ORwiresharkwiresharkMatch1.6.6sparc
ORwiresharkwiresharkMatch1.6.7
ORwiresharkwiresharkMatch1.6.7itanium
ORwiresharkwiresharkMatch1.6.7sparc
ORwiresharkwiresharkMatch1.6.8
ORwiresharkwiresharkMatch1.6.8itanium
ORwiresharkwiresharkMatch1.6.8sparc
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wireshark | wireshark | 1.4.4 | cpe:/a:wireshark:wireshark:1.4.4::: |
| wireshark | wireshark | 1.4.6 | cpe:/a:wireshark:wireshark:1.4.6::: |
| wireshark | wireshark | 1.4.5 | cpe:/a:wireshark:wireshark:1.4.5::: |
| wireshark | wireshark | 1.4.3 | cpe:/a:wireshark:wireshark:1.4.3::: |
| wireshark | wireshark | 1.4.10 | cpe:/a:wireshark:wireshark:1.4.10::: |
| wireshark | wireshark | 1.4.0 | cpe:/a:wireshark:wireshark:1.4.0::: |
| wireshark | wireshark | 1.4.11 | cpe:/a:wireshark:wireshark:1.4.11::: |
| wireshark | wireshark | 1.4.1 | cpe:/a:wireshark:wireshark:1.4.1::: |
| wireshark | wireshark | 1.4.13 | cpe:/a:wireshark:wireshark:1.4.13::: |
| wireshark | wireshark | 1.4.2 | cpe:/a:wireshark:wireshark:1.4.2::: |
References
bugs.debian.org/cgi-bin/bugreport.cgi?bug=680056
lists.opensuse.org/opensuse-updates/2012-08/msg00000.html
secunia.com/advisories/49971
secunia.com/advisories/54425
www.debian.org/security/2012/dsa-2590
www.gentoo.org/security/en/glsa/glsa-201308-05.xml
www.wireshark.org/security/wnpa-sec-2012-11.html
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15547
Related
debiancve
debiancve
CVE-2012-4048
2012-07-24 19:55:00
prion
prion
Null pointer dereference
2012-07-24 19:55:00
nvd
nvd
CVE-2012-4048
2012-07-24 19:55:00
cvelist
cvelist
CVE-2012-4048
2012-07-24 19:00:00
ubuntucve
ubuntucve
CVE-2012-4048
2012-07-24 00:00:00
nessus
nessus
Debian DSA-2590-1 : wireshark - several vulnerabilities
2012-12-27 00:00:00
Mandriva Linux Security Advisory : wireshark (MDVSA-2012:125)
2012-09-06 00:00:00
Wireshark 1.8.x < 1.8.1 Multiple Denial of Service Vulnerabilities
2012-07-25 00:00:00
openvas
openvas
Mandriva Update for wireshark MDVSA-2012:125 (wireshark)
2012-08-09 00:00:00
Mandriva Update for wireshark MDVSA-2012:125 (wireshark)
2012-08-09 00:00:00
Wireshark PPP And NFS Dissector Denial of Service Vulnerabilities (Mac OS X)
2012-07-27 00:00:00
securityvulns
securityvulns
[ MDVSA-2012:125 ] wireshark
2012-08-13 00:00:00
Wireshark security vulnerabilities
2012-08-20 00:00:00
debian
debian
[SECURITY] [DSA 2590-1] wireshark security update
2012-12-26 15:20:12
freebsd
freebsd
Wireshark -- Multiple vulnerabilities
2012-07-22 00:00:00
gentoo
gentoo
Wireshark: Multiple vulnerabilities
2013-08-28 00:00:00
CVSS2
3.3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.2
Confidence
Low
EPSS
0.003
Percentile
65.7%
Related for CVE-2012-4048