Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA10701
HistoryOct 14, 2015 - 12:00 a.m.

KLA10701 Denial of service vulnerability in Wireshark

2015-10-1400:00:00
Kaspersky Lab
threats.kaspersky.com
24

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

5.5 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.7%

JSON

Redundant indirection was found in Wireshark. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed packet.

Technical details

This vulnerability caused by pcapng_read_if_descr_block function in wiretap/pcapng.c (pcapng pareser) and can be triggered via packet which triggers interface-filter copying.

Original advisories

Wireshark advisory

Related products

Wireshark

CVE list

CVE-2015-7830 warning

Solution

Update to the latest version

Get Wireshark

Impacts

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

  • Wireshark versions earlier than 1.12.8

Related

openvas 7
debiancve 1
mageia 1
freebsd 1
zdi 1
nvd 1
prion 1
cve 1
nessus 9
ubuntucve 1
cvelist 1
avleonov 1
debian 1
osv 1
openvas
openvas
Wireshark Pcapng File Parser Denial-of-Service Vulnerability (Nov 2015) - Windows
2015-11-19 00:00:00
Wireshark Pcapng File Parser Denial-of-Service Vulnerability (Nov 2015) - Mac OS X
2015-11-19 00:00:00
Mageia: Security Advisory (MGASA-2015-0403)
2015-10-16 00:00:00
debiancve
debiancve
CVE-2015-7830
2015-11-15 03:59:01
mageia
mageia
Updated wireshark packages fix security vulnerabilities
2015-10-15 22:50:55
freebsd
freebsd
wireshark -- Pcapng file parser crash
2015-10-14 00:00:00
zdi
zdi
Wireshark PCAPNG if_filter Arbitrary Free Remote Code Execution Vulnerability
2015-12-08 00:00:00
nvd
nvd
CVE-2015-7830
2015-11-15 03:59:01
prion
prion
Design/Logic Flaw
2015-11-15 03:59:00
cve
cve
CVE-2015-7830
2015-11-15 03:59:01
nessus
nessus
FreeBSD : wireshark -- Pcapng file parser crash (24e4d383-7b3e-11e5-a250-68b599b52a02)
2015-10-26 00:00:00
Wireshark 1.12.x < 1.12.8 pcapng File Parser DoS
2015-10-21 00:00:00
openSUSE Security Update : wireshark (openSUSE-2015-683)
2015-10-29 00:00:00
ubuntucve
ubuntucve
CVE-2015-7830
2015-11-15 00:00:00
cvelist
cvelist
CVE-2015-7830
2015-11-15 02:00:00
avleonov
avleonov
Parsing Nessus v2 XML reports with python
2020-03-09 01:12:00
debian
debian
[SECURITY] [DSA 3505-1] wireshark security update
2016-03-04 19:04:01
osv
osv
wireshark - security update
2016-03-04 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

5.5 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.7%

JSON
Related for KLA10701
openvas7debiancve1mageia1freebsd1zdi1nvd1prion1cve1nessus9ubuntucve1cvelist1avleonov1debian1osv1