cnvd - cnvd-2016-00059

cnvd-2016-00059

Vulnerability from cnvd

Title: Wireshark VeriWave解析器拒绝服务漏洞

Description:

Wireshark是最流行的网络协议解析器。

Wireshark 2.0.1之前的2.0.x版本及1.12.9之前的1.12.x版本，VeriWave解析器中wiretap/vwr.c未验证某些签名及MCS数据，通过构造的数据包，远程攻击者利用此漏洞可造成拒绝服务（越界读及应用崩溃）。

Severity: 中

Patch Name: Wireshark VeriWave解析器拒绝服务漏洞的补丁

Patch Description:

Wireshark是最流行的网络协议解析器。

Wireshark 2.0.1之前的2.0.x版本及1.12.9之前的1.12.x版本，VeriWave解析器中wiretap/vwr.c未验证某些签名及MCS数据，通过构造的数据包，远程攻击者利用此漏洞可造成拒绝服务（越界读及应用崩溃）。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.wireshark.org/security/wnpa-sec-2015-44.html https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b8fa3d463c1bdd9b84c897441e7a5c8ad1f0f292

Reference: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11789 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8726

Impacted products

Name
['Wireshark Wireshark 2.0.x(<2.0.1)', 'Wireshark Wireshark 1.12.x(<1.12.9)']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-8726"
    }
  },
  "description": "Wireshark\u662f\u6700\u6d41\u884c\u7684\u7f51\u7edc\u534f\u8bae\u89e3\u6790\u5668\u3002\r\n\r\nWireshark 2.0.1\u4e4b\u524d\u76842.0.x\u7248\u672c\u53ca1.12.9\u4e4b\u524d\u76841.12.x\u7248\u672c\uff0cVeriWave\u89e3\u6790\u5668\u4e2dwiretap/vwr.c\u672a\u9a8c\u8bc1\u67d0\u4e9b\u7b7e\u540d\u53caMCS\u6570\u636e\uff0c\u901a\u8fc7\u6784\u9020\u7684\u6570\u636e\u5305\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u8d8a\u754c\u8bfb\u53ca\u5e94\u7528\u5d29\u6e83\uff09\u3002",
  "discovererName": "Mateusz Jurczyk",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttp://www.wireshark.org/security/wnpa-sec-2015-44.html\r\nhttps://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b8fa3d463c1bdd9b84c897441e7a5c8ad1f0f292",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-00059",
  "openTime": "2016-01-06",
  "patchDescription": "Wireshark\u662f\u6700\u6d41\u884c\u7684\u7f51\u7edc\u534f\u8bae\u89e3\u6790\u5668\u3002\r\n\r\nWireshark 2.0.1\u4e4b\u524d\u76842.0.x\u7248\u672c\u53ca1.12.9\u4e4b\u524d\u76841.12.x\u7248\u672c\uff0cVeriWave\u89e3\u6790\u5668\u4e2dwiretap/vwr.c\u672a\u9a8c\u8bc1\u67d0\u4e9b\u7b7e\u540d\u53caMCS\u6570\u636e\uff0c\u901a\u8fc7\u6784\u9020\u7684\u6570\u636e\u5305\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u8d8a\u754c\u8bfb\u53ca\u5e94\u7528\u5d29\u6e83\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Wireshark VeriWave\u89e3\u6790\u5668\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Wireshark Wireshark 2.0.x(\u003c2.0.1)",
      "Wireshark Wireshark 1.12.x(\u003c1.12.9)"
    ]
  },
  "referenceLink": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11789\r\nhttps://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8726",
  "serverity": "\u4e2d",
  "submitTime": "2016-01-05",
  "title": "Wireshark VeriWave\u89e3\u6790\u5668\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

CVE-2015-8726 (GCVE-0-2015-8726)

Vulnerability from cvelistv5

Published

2016-01-04 02:00

Modified

2024-08-06 08:29

Severity ?

CWE

Summary

wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.

References

▼	URL	Tags
	https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=b8fa3d463c1bdd9b84c897441e7a5c8ad1f0f292	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/79382	vdb-entry, x_refsource_BID
	https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11789	x_refsource_CONFIRM
	https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=185911de7d337246044c8e99da2f5b4bac74c0d5	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3505	vendor-advisory, x_refsource_DEBIAN
	https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11791	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201604-05	vendor-advisory, x_refsource_GENTOO
	http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html	x_refsource_CONFIRM
	http://www.wireshark.org/security/wnpa-sec-2015-44.html	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1034551	vdb-entry, x_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:29:21.728Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=b8fa3d463c1bdd9b84c897441e7a5c8ad1f0f292"
          },
          {
            "name": "79382",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/79382"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11789"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=185911de7d337246044c8e99da2f5b4bac74c0d5"
          },
          {
            "name": "DSA-3505",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3505"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11791"
          },
          {
            "name": "GLSA-201604-05",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201604-05"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.wireshark.org/security/wnpa-sec-2015-44.html"
          },
          {
            "name": "1034551",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034551"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-12-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-05T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=b8fa3d463c1bdd9b84c897441e7a5c8ad1f0f292"
        },
        {
          "name": "79382",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/79382"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11789"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=185911de7d337246044c8e99da2f5b4bac74c0d5"
        },
        {
          "name": "DSA-3505",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3505"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11791"
        },
        {
          "name": "GLSA-201604-05",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201604-05"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.wireshark.org/security/wnpa-sec-2015-44.html"
        },
        {
          "name": "1034551",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034551"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8726",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b8fa3d463c1bdd9b84c897441e7a5c8ad1f0f292",
              "refsource": "CONFIRM",
              "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b8fa3d463c1bdd9b84c897441e7a5c8ad1f0f292"
            },
            {
              "name": "79382",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/79382"
            },
            {
              "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11789",
              "refsource": "CONFIRM",
              "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11789"
            },
            {
              "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=185911de7d337246044c8e99da2f5b4bac74c0d5",
              "refsource": "CONFIRM",
              "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=185911de7d337246044c8e99da2f5b4bac74c0d5"
            },
            {
              "name": "DSA-3505",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3505"
            },
            {
              "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11791",
              "refsource": "CONFIRM",
              "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11791"
            },
            {
              "name": "GLSA-201604-05",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201604-05"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
            },
            {
              "name": "http://www.wireshark.org/security/wnpa-sec-2015-44.html",
              "refsource": "CONFIRM",
              "url": "http://www.wireshark.org/security/wnpa-sec-2015-44.html"
            },
            {
              "name": "1034551",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034551"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8726",
    "datePublished": "2016-01-04T02:00:00",
    "dateReserved": "2016-01-03T00:00:00",
    "dateUpdated": "2024-08-06T08:29:21.728Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted