Summary
This host is installed with Wireshark and is prone to denial of service vulnerability.
Impact
Successful exploitation will allow attackers to cause a Denial of Service.
Impact Level: Application
Solution
Upgrade to Wireshark version 1.10.6 or later,
For updates refer to http://www.wireshark.org/download
Insight
Flaw is due to improper memory allocation by 'dissect_protocol_data_parameter' function within the M3UA dissector (epan/dissectors/packet-m3ua.c).
Affected
Wireshark version 1.10.x before 1.10.6 on Mac OS X
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-2282 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Adobe Reader Privelege Escalation Vulnerability - Jul07 (Mac OS X)
- Adobe Reader 'SWF' Information Disclosure Vulnerability (Windows)
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Mac OS X)
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Windows)
- Active Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability (Win)