cnvd - cnvd-2016-00047

cnvd-2016-00047

Vulnerability from cnvd

Title: Wireshark Sniffer文件解析器拒绝服务漏洞

Description:

Wireshark是最流行的网络协议解析器。

Wireshark 2.0.1之前的2.0.x版本及1.12.9之前的1.12.x版本Sniffer文件解析器中wiretap/ngsniffer.c的ngsniffer_process_record函数未能正确验证记录长度和记录头的长度之间的关系，允许远程攻击者通过特制的文件会导致拒绝服务（越界读取和应用程序崩溃）。

Severity: 中

Patch Name: Wireshark Sniffer文件解析器拒绝服务漏洞的补丁

Patch Description:

Wireshark是最流行的网络协议解析器。

Formal description:

用户可联系供应商获得补丁信息： https://www.wireshark.org/security/wnpa-sec-2015-51.html

Reference: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8733

Impacted products

Name
['Wireshark Wireshark 2.0.x(<2.0.1)', 'Wireshark Wireshark 1.12.x(<1.12.9)']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-8733"
    }
  },
  "description": "Wireshark\u662f\u6700\u6d41\u884c\u7684\u7f51\u7edc\u534f\u8bae\u89e3\u6790\u5668\u3002\r\n\r\nWireshark 2.0.1\u4e4b\u524d\u76842.0.x\u7248\u672c\u53ca1.12.9\u4e4b\u524d\u76841.12.x\u7248\u672cSniffer\u6587\u4ef6\u89e3\u6790\u5668\u4e2dwiretap/ngsniffer.c\u7684ngsniffer_process_record\u51fd\u6570\u672a\u80fd\u6b63\u786e\u9a8c\u8bc1\u8bb0\u5f55\u957f\u5ea6\u548c\u8bb0\u5f55\u5934\u7684\u957f\u5ea6\u4e4b\u95f4\u7684\u5173\u7cfb\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u7279\u5236\u7684\u6587\u4ef6\u4f1a\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\uff08\u8d8a\u754c\u8bfb\u53d6\u548c\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\uff09\u3002",
  "discovererName": "Mateusz Jurczyk",
  "formalWay": "\u7528\u6237\u53ef\u8054\u7cfb\u4f9b\u5e94\u5546\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://www.wireshark.org/security/wnpa-sec-2015-51.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-00047",
  "openTime": "2016-01-06",
  "patchDescription": "Wireshark\u662f\u6700\u6d41\u884c\u7684\u7f51\u7edc\u534f\u8bae\u89e3\u6790\u5668\u3002\r\n\r\nWireshark 2.0.1\u4e4b\u524d\u76842.0.x\u7248\u672c\u53ca1.12.9\u4e4b\u524d\u76841.12.x\u7248\u672cSniffer\u6587\u4ef6\u89e3\u6790\u5668\u4e2dwiretap/ngsniffer.c\u7684ngsniffer_process_record\u51fd\u6570\u672a\u80fd\u6b63\u786e\u9a8c\u8bc1\u8bb0\u5f55\u957f\u5ea6\u548c\u8bb0\u5f55\u5934\u7684\u957f\u5ea6\u4e4b\u95f4\u7684\u5173\u7cfb\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u7279\u5236\u7684\u6587\u4ef6\u4f1a\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\uff08\u8d8a\u754c\u8bfb\u53d6\u548c\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Wireshark Sniffer\u6587\u4ef6\u89e3\u6790\u5668\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Wireshark Wireshark 2.0.x(\u003c2.0.1)",
      "Wireshark Wireshark 1.12.x(\u003c1.12.9)"
    ]
  },
  "referenceLink": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8733",
  "serverity": "\u4e2d",
  "submitTime": "2016-01-05",
  "title": "Wireshark Sniffer\u6587\u4ef6\u89e3\u6790\u5668\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

CVE-2015-8733 (GCVE-0-2015-8733)

Vulnerability from cvelistv5

Published

2016-01-04 02:00

Modified

2024-08-06 08:29

Severity ?

CWE

Summary

The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.

References

▼	URL	Tags
	https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=53a3e53fce30523d11ab3df319fba7b75d63076f	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3505	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/79814	vdb-entry, x_refsource_BID
	https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201604-05	vendor-advisory, x_refsource_GENTOO
	http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html	x_refsource_CONFIRM
	http://www.wireshark.org/security/wnpa-sec-2015-51.html	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1034551	vdb-entry, x_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:29:21.395Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=53a3e53fce30523d11ab3df319fba7b75d63076f"
          },
          {
            "name": "DSA-3505",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3505"
          },
          {
            "name": "79814",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/79814"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827"
          },
          {
            "name": "GLSA-201604-05",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201604-05"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.wireshark.org/security/wnpa-sec-2015-51.html"
          },
          {
            "name": "1034551",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034551"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-12-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-05T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=53a3e53fce30523d11ab3df319fba7b75d63076f"
        },
        {
          "name": "DSA-3505",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3505"
        },
        {
          "name": "79814",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/79814"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827"
        },
        {
          "name": "GLSA-201604-05",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201604-05"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.wireshark.org/security/wnpa-sec-2015-51.html"
        },
        {
          "name": "1034551",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034551"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8733",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=53a3e53fce30523d11ab3df319fba7b75d63076f",
              "refsource": "CONFIRM",
              "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=53a3e53fce30523d11ab3df319fba7b75d63076f"
            },
            {
              "name": "DSA-3505",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3505"
            },
            {
              "name": "79814",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/79814"
            },
            {
              "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827",
              "refsource": "CONFIRM",
              "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827"
            },
            {
              "name": "GLSA-201604-05",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201604-05"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
            },
            {
              "name": "http://www.wireshark.org/security/wnpa-sec-2015-51.html",
              "refsource": "CONFIRM",
              "url": "http://www.wireshark.org/security/wnpa-sec-2015-51.html"
            },
            {
              "name": "1034551",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034551"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8733",
    "datePublished": "2016-01-04T02:00:00",
    "dateReserved": "2016-01-03T00:00:00",
    "dateUpdated": "2024-08-06T08:29:21.395Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted