ID CVE-2012-5237
Summary The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
References
Vulnerable Configurations
  • Wireshark 1.8.0
    cpe:2.3:a:wireshark:wireshark:1.8.0
  • Wireshark 1.8.1
    cpe:2.3:a:wireshark:wireshark:1.8.1
  • Wireshark 1.8.2
    cpe:2.3:a:wireshark:wireshark:1.8.2
CVSS
Base: 3.3 (as of 05-10-2012 - 13:13)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
ADJACENT_NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_A77064141BE711E29AAD902B343DEEC9.NASL
    description Wireshark reports : The HSRP dissector could go into an infinite loop. The PPP dissector could abort. Martin Wilck discovered an infinite loop in the DRDA dissector. Laurent Butti discovered a buffer overflow in the LDP dissector.
    last seen 2018-11-24
    modified 2018-11-23
    plugin id 62649
    published 2012-10-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62649
    title FreeBSD : Wireshark -- Multiple Vulnerabilities (a7706414-1be7-11e2-9aad-902b343deec9)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS11_WIRESHARK_20130129.NASL
    description The remote Solaris system is missing necessary patches to address security updates : - The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a small value for a certain length field in a capture file. (CVE-2012-3548) - The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. (CVE-2012-5237) - epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of (1) PPP and (2) LCP data, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a malformed packet. (CVE-2012-5238) - Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malformed packet. (CVE-2012-5240)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 80805
    published 2015-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80805
    title Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark4)
  • NASL family Windows
    NASL id WIRESHARK_1_8_3.NASL
    description The installed version of Wireshark 1.8 is earlier than 1.8.3. It thus is affected by the following vulnerabilities : - A malformed packet can cause the 'DRDA' and 'HSRP' dissectors to enter an infinite loop, thereby consuming excessive CPU resources. (CVE-2012-3548, CVE-2012-5237) - A malformed packet can cause the 'PPP' dissector to crash the application. (CVE-2012-5238) - A malformed packet can trigger a buffer overflow in the 'LDP' dissector, which results in an application crash. (CVE-2012-5240)
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 62478
    published 2012-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62478
    title Wireshark 1.8.x < 1.8.3 Multiple Vulnerabilities
oval via4
accepted 2013-08-19T04:00:49.678-04:00
class vulnerability
contributors
  • name Shane Shaffer
    organization G2, Inc.
  • name Shane Shaffer
    organization G2, Inc.
definition_extensions
comment Wireshark is installed on the system.
oval oval:org.mitre.oval:def:6589
description The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
family windows
id oval:org.mitre.oval:def:14992
status accepted
submitted 2012-10-09T15:58:55.334-04:00
title Vulnerability in the dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3
version 7
refmap via4
bid 55754
confirm
osvdb 85884
sectrack 1027604
xf wireshark-hsrp-dos(79009)
Last major update 02-11-2013 - 23:28
Published 04-10-2012 - 15:55
Last modified 18-09-2017 - 21:35
Back to Top