漏洞类别:Local
漏洞等级: 
漏洞信息
Wireshark is a network protocol analyzer available for multiple operating systems. It lets you capture and interactively browse the traffic running on a computer network.
A remote user can cause the target service to consume excessive CPU resources or crash.
The MSDP dissector is affected [CVE-2017-13767].
The IrCOMM dissector is affected by a buffer overread [CVE-2017-13765].
The Profinet I/O dissector is affected by a buffer overrun [CVE-2017-13766].
The Modbus dissector is affected [CVE-2017-13764].
Affected Versions
Wireshark 2.0.0 to 2.0.14, 2.2.0 to 2.2.8, 2.4.0
漏洞危害
A remote user can cause the target service to consume excessive CPU resources or crash.
解决方案
The vendor has issued a fix (2.0.15, 2.2.9, 2.4.1).
The latest version is available for download from Wireshark.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论