Summary
This host is installed with Wireshark
and is prone to denial of service vulnerability.
Impact
Successful exploitation will allow
attacker to cause denial of service attack.
Impact Level: Application
Solution
Upgrade to Wireshark version 1.12.1 or later,
For updates refer to https://www.wireshark.org
Insight
Flaws are due to,
- Error in the get_quoted_string and get_unquoted_string functions in epan/dissectors/packet-cups.c in the CUPS dissector.
- The dissect_hip_tlv function in epan/dissectors/packet-hip.c in the HIP dissector does not properly handle a NULL tree.
Affected
Wireshark version 1.12.x before 1.12.1 on Mac OS X
Detection
Get the installed version with the
help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-6425, CVE-2014-6426 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Apple Safari JavaScript 'Reload()' DoS Vulnerability - July09
- Adobe Flash Media Server Remote Denial of Service Vulnerability (August-2011)
- ClamAV 'cli_pdf()' PDF File Processing Denial Of Service Vulnerability
- Firefox Browser Libxul Memory Leak Remote DoS Vulnerability - Linux
- CUPS Empty UDP Datagram DoS Vulnerability