ID CVE-2013-2476
Summary The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a packet with a header that is too short.
References
Vulnerable Configurations
  • Wireshark 1.8.0
    cpe:2.3:a:wireshark:wireshark:1.8.0
  • Wireshark 1.8.1
    cpe:2.3:a:wireshark:wireshark:1.8.1
  • Wireshark 1.8.2
    cpe:2.3:a:wireshark:wireshark:1.8.2
  • Wireshark 1.8.3
    cpe:2.3:a:wireshark:wireshark:1.8.3
  • Wireshark 1.8.4
    cpe:2.3:a:wireshark:wireshark:1.8.4
  • Wireshark 1.8.5
    cpe:2.3:a:wireshark:wireshark:1.8.5
  • OpenSUSE 11.4
    cpe:2.3:o:opensuse:opensuse:11.4
  • OpenSUSE 12.1
    cpe:2.3:o:opensuse:opensuse:12.1
  • OpenSUSE 12.2
    cpe:2.3:o:opensuse:opensuse:12.2
  • OpenSUSE 12.3
    cpe:2.3:o:opensuse:opensuse:12.3
CVSS
Base: 6.1 (as of 02-12-2015 - 10:54)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
ADJACENT_NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
nessus via4
  • NASL family Windows
    NASL id WIRESHARK_1_8_6.NASL
    description The installed version of Wireshark 1.8 is earlier than 1.8.6. It is, therefore, affected by the following vulnerabilities : - Errors exist in the CSN.1, CIMD, DTLS, Mount, MS-MMS, RTPS, RTPS2, and TCP dissectors that could allow them to crash. (Bugs 8274, 8332, 8335, 8346, 8380, 8382) - Errors exist in the AMPQ, FCSP, HART/IP, MPLS Echo, and RELOAD dissectors that could lead to an infinite loop, resulting in a denial of service. (Bugs 8039, 8337, 8359, 8360, 8364) - The ACN dissector can attempt a divide by zero operation that could lead to an application crash. (Bug 8340)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 65254
    published 2013-03-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65254
    title Wireshark 1.8.x < 1.8.6 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2013-223.NASL
    description wireshark was updated to 1.8.6 [bnc#807942] + vulnerabilities fixed : - The TCP dissector could crash. wnpa-sec-2013-10 CVE-2013-2475 - The HART/IP dissectory could go into an infinite loop. wnpa-sec-2013-11 CVE-2013-2476 - The CSN.1 dissector could crash. wnpa-sec-2013-12 CVE-2013-2477 - The MS-MMS dissector could crash. wnpa-sec-2013-13 CVE-2013-2478 - The MPLS Echo dissector could go into an infinite loop. wnpa-sec-2013-14 CVE-2013-2479 - The RTPS and RTPS2 dissectors could crash. wnpa-sec-2013-15 CVE-2013-2480 - The Mount dissector could crash. wnpa-sec-2013-16 CVE-2013-2481 - The AMPQ dissector could go into an infinite loop. wnpa-sec-2013-17 CVE-2013-2482 - The ACN dissector could attempt to divide by zero. wnpa-sec-2013-18 CVE-2013-2483 - The CIMD dissector could crash. wnpa-sec-2013-19 CVE-2013-2484 - The FCSP dissector could go into an infinite loop. wnpa-sec-2013-20 CVE-2013-2485 - The RELOAD dissector could go into an infinite loop. wnpa-sec-2013-21 CVE-2013-2486 CVE-2013-2487 - The DTLS dissector could crash. wnpa-sec-2013-22 CVE-2013-2488 + Further bug fixes and updated protocol support as listed in: http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.h tml
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 74930
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74930
    title openSUSE Security Update : wireshark (openSUSE-SU-2013:0494-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-497.NASL
    description Multiple vulnerabilities were discovered in the dissectors/parsers for PKTC, IAX2, GSM CBCH and NCP which could result in denial of service. This update also fixes many older less important issues by updating the package to the version found in Debian 8 also known as Jessie. For Debian 7 'Wheezy', these problems have been fixed in version 1.12.1+g01b65bf-4+deb8u6~deb7u1. We recommend that you upgrade your wireshark packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-06
    plugin id 91395
    published 2016-06-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91395
    title Debian DLA-497-1 : wireshark security update
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_WIRESHARK-130312.NASL
    description wireshark has been updated to 1.8.6 which fixes bugs and security issues : Vulnerabilities fixed : - The TCP dissector could crash. wnpa-sec-2013-10. (CVE-2013-2475) - The HART/IP dissectory could go into an infinite loop. wnpa-sec-2013-11. (CVE-2013-2476) - The CSN.1 dissector could crash. wnpa-sec-2013-12. (CVE-2013-2477) - The MS-MMS dissector could crash. wnpa-sec-2013-13. (CVE-2013-2478) - The MPLS Echo dissector could go into an infinite loop. wnpa-sec-2013-14. (CVE-2013-2479) - The RTPS and RTPS2 dissectors could crash. wnpa-sec-2013-15. (CVE-2013-2480) - The Mount dissector could crash. wnpa-sec-2013-16. (CVE-2013-2481) - The AMPQ dissector could go into an infinite loop. wnpa-sec-2013-17. (CVE-2013-2482) - The ACN dissector could attempt to divide by zero. wnpa-sec-2013-18. (CVE-2013-2483) - The CIMD dissector could crash. wnpa-sec-2013-19. (CVE-2013-2484) - The FCSP dissector could go into an infinite loop. wnpa-sec-2013-20. (CVE-2013-2485) - The RELOAD dissector could go into an infinite loop. wnpa-sec-2013-21. (CVE-2013-2486 / CVE-2013-2487) - The DTLS dissector could crash. wnpa-sec-2013-22 (CVE-2013-2488) More information about further bug fixes and updated protocol support are listed here: http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.h tml
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 66254
    published 2013-04-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66254
    title SuSE 11.2 Security Update : wireshark (SAT Patch Number 7490)
oval via4
accepted 2013-04-29T04:16:18.226-04:00
class vulnerability
contributors
  • name Shane Shaffer
    organization G2, Inc.
  • name Jonathan Baker
    organization The MITRE Corporation
definition_extensions
comment Wireshark is installed on the system.
oval oval:org.mitre.oval:def:6589
description The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a packet with a header that is too short.
family windows
id oval:org.mitre.oval:def:15838
status accepted
submitted 2013-03-07T12:06:57.698-05:00
title The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a packet with a header that is too short
version 6
refmap via4
confirm
secunia 52471
suse
  • openSUSE-SU-2013:0494
  • openSUSE-SU-2013:0506
Last major update 02-12-2015 - 12:30
Published 07-03-2013 - 10:55
Last modified 30-10-2018 - 12:27
Back to Top