Summary
This host is installed with Wireshark and is prone to denial of service vulnerability.
Impact
Successful exploitation will allow attackers to cause a Denial of Service.
Impact Level: Application
Solution
Upgrade to Wireshark version 1.10.6 or later,
For updates refer to http://www.wireshark.org/download
Insight
Flaw is due to improper memory allocation by 'dissect_protocol_data_parameter' function within the M3UA dissector (epan/dissectors/packet-m3ua.c).
Affected
Wireshark version 1.10.x before 1.10.6 on Windows
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-2282 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Linux)
- Asterisk Missing ACL Check Remote Security Bypass Vulnerability
- Adobe Flash Media Server Video Stream Capture Security Issue
- AVG Anti-Virus 'hcp://' Protocol Handler Remote Code Execution Vulnerability
- Apple Safari Webkit Multiple Vulnerabilities - May13 (Mac OS X)