Denial of Service Vulnerability in Wireshark by The Wireshark Foundation
CVE-2013-2478

Currently unrated

Key Information:

Vendor

Opensuse
Status
Opensuse
Debian Linux
Vendor
CVE Published:
7 March 2013

What is CVE-2013-2478?

The dissect_server_info function in the MS-MMS dissector of Wireshark prior to specific versions fails to manage string lengths correctly. This oversight can allow remote attackers to initiate a denial of service by sending a malformed packet that either causes an integer overflow or incorporates embedded null characters within strings, leading to application crashes. Proper handling of input data is crucial for maintaining the stability and security of the application.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://anonsvn.wireshark.org/viewvc/trunk-1.8/epan/dissec...
x_refsource_CONFIRM
http://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html
x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-updates/2013-03/msg000...
vendor-advisoryx_refsource_SUSE

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.