what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2012-4289

Status Candidate

Overview

epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a large number of ACL entries.

Related Files

Red Hat Security Advisory 2013-1569-02
Posted Nov 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1569-02 - Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file.

tags | advisory, denial of service, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2012-2392, CVE-2012-3825, CVE-2012-4285, CVE-2012-4288, CVE-2012-4289, CVE-2012-4290, CVE-2012-4291, CVE-2012-4292, CVE-2012-5595, CVE-2012-5597, CVE-2012-5598, CVE-2012-5599, CVE-2012-5600, CVE-2012-6056, CVE-2012-6059, CVE-2012-6060, CVE-2012-6061, CVE-2012-6062, CVE-2013-3557, CVE-2013-3559, CVE-2013-3561, CVE-2013-4081, CVE-2013-4083, CVE-2013-4927, CVE-2013-4931, CVE-2013-4932, CVE-2013-4933, CVE-2013-4934
SHA-256 | 7f3f7798dc92e097ef305e4b1e31fdf494b6ba631fb4d04aeb99e0eeff06aeea
Gentoo Linux Security Advisory 201308-05-02
Posted Aug 30, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201308-5 - The references section of the original advisory contained wrong CVE references.

tags | advisory
systems | linux, gentoo
advisories | CVE-2012-0041, CVE-2012-0042, CVE-2012-0043, CVE-2012-0066, CVE-2012-0067, CVE-2012-0068, CVE-2012-3548, CVE-2012-4048, CVE-2012-4049, CVE-2012-4285, CVE-2012-4286, CVE-2012-4287, CVE-2012-4288, CVE-2012-4289, CVE-2012-4290, CVE-2012-4291, CVE-2012-4292, CVE-2012-4293, CVE-2012-4294, CVE-2012-4295, CVE-2012-4296, CVE-2012-4297, CVE-2012-4298, CVE-2013-3555, CVE-2013-3556, CVE-2013-3557, CVE-2013-3558, CVE-2013-3559
SHA-256 | ebd71cf22019908747f1ea5cdd3a86acfb248e6a38bfa41979b555e7a1acbe4c
Gentoo Linux Security Advisory 201308-05
Posted Aug 29, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201308-5 - Multiple vulnerabilities have been found in Wireshark, allowing remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 1.10.1 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-0041, CVE-2012-0042, CVE-2012-0043, CVE-2012-0066, CVE-2012-0067, CVE-2012-0068, CVE-2012-3548, CVE-2012-4048, CVE-2012-4049, CVE-2012-4285, CVE-2012-4286, CVE-2012-4287, CVE-2012-4288, CVE-2012-4289, CVE-2012-4290, CVE-2012-4291, CVE-2012-4292, CVE-2012-4293, CVE-2012-4294, CVE-2012-4295, CVE-2012-4296, CVE-2012-4297, CVE-2012-4298, CVE-2013-3540, CVE-2013-3541, CVE-2013-3542, CVE-2013-3555, CVE-2013-3556
SHA-256 | afc074569b171377b721881b1008798f9d7adea3d3545cc57e14f5899a9a8a18
Mandriva Linux Security Advisory 2013-055
Posted Apr 7, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-055 - Infinite and large loops in ANSI MAP, BACapp, Bluetooth HCI, IEEE 802.3, LTP, and R3 dissectors have been fixed in Wireshark. Various other issues have also been addressed. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.

tags | advisory
systems | linux, mandriva
advisories | CVE-2012-2392, CVE-2012-2393, CVE-2012-2394, CVE-2012-4048, CVE-2012-4049, CVE-2012-4285, CVE-2012-4288, CVE-2012-4289, CVE-2012-4290, CVE-2012-4291, CVE-2012-4292, CVE-2012-4293, CVE-2012-4296, CVE-2012-4297, CVE-2012-5239, CVE-2012-6054, CVE-2012-6056, CVE-2013-2478, CVE-2013-2480, CVE-2013-2481, CVE-2013-2482, CVE-2013-2483, CVE-2013-2484, CVE-2013-2485, CVE-2013-2488
SHA-256 | 50158dbc1509957ea5b55594adaf0d178e91d56e6ed9f76cc060e45ce63180df
Red Hat Security Advisory 2013-0125-01
Posted Jan 8, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0125-01 - Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. A heap-based buffer overflow flaw was found in the way Wireshark handled Endace ERF capture files. If Wireshark opened a specially-crafted ERF capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file.

tags | advisory, denial of service, overflow, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2011-1958, CVE-2011-1959, CVE-2011-2175, CVE-2011-2698, CVE-2011-4102, CVE-2012-0041, CVE-2012-0042, CVE-2012-0066, CVE-2012-0067, CVE-2012-4285, CVE-2012-4289, CVE-2012-4290, CVE-2012-4291
SHA-256 | eb30de7fd8f00a0a922069cfe6ff4ed5abf41c0cacda471253febe3314fe484d
Mandriva Linux Security Advisory 2012-135
Posted Aug 17, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-135 - The DCP ETSI dissector could trigger a zero division. The MongoDB dissector could go into a large loop. The XTP dissector could go into an infinite loop. The AFP dissector could go into a large loop. The RTPS2 dissector could overflow a buffer. The CIP dissector could exhaust system memory. The STUN dissector could crash. The EtherCAT Mailbox dissector could abort. The CTDB dissector could go into a large loop. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2012-4285, CVE-2012-4288, CVE-2012-4289, CVE-2012-4296, CVE-2012-4291, CVE-2012-4292, CVE-2012-4293, CVE-2012-4290
SHA-256 | ed1f626a9ec66091da1ced33f9dcf94853900a07685bff02a384520cb736cdfc
Mandriva Linux Security Advisory 2012-134
Posted Aug 17, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-134 - The DCP ETSI dissector could trigger a zero division. The MongoDB dissector could go into a large loop. The XTP dissector could go into an infinite loop. The AFP dissector could go into a large loop. The RTPS2 dissector could overflow a buffer. The GSM RLC MAC dissector could overflow a buffer. The CIP dissector could exhaust system memory. The STUN dissector could crash. The EtherCAT Mailbox dissector could abort. The CTDB dissector could go into a large loop. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2012-4285, CVE-2012-4288, CVE-2012-4289, CVE-2012-4296, CVE-2012-4297, CVE-2012-4291, CVE-2012-4292, CVE-2012-4293, CVE-2012-4290
SHA-256 | e7a2ce0735205d049fc69106cd58cf7bc1f4cbae6e55ed2fc256e52ad05d4759
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close