Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2010-4301

Published: 26/11/2010 Updated: 19/09/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Wireshark

Vulnerability Summary

epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 up to and including 1.4.1 allows remote malicious users to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes.

Vulnerable Product Search on Vulmon Subscribe to Product

wireshark wireshark 1.4.0

wireshark wireshark 1.4.1

Exploits

Exploit DB: Wireshark - ZigBee ZCL Dissector Infinite Loop Denial of Service
Source: wwwsecurityfocuscom/bid/44986/info Wireshark is prone to a remote denial-of-service vulnerability because it fails to properly handle certain types of packets Attackers can exploit this issue to cause the application to enter an infinite loop which may cause denial-of-service conditions Wireshark 140 to 141 are vulnerable ...

References

CWE-399http://www.vupen.com/english/advisories/2010/3038http://osvdb.org/69355http://www.wireshark.org/security/wnpa-sec-2010-14.htmlhttp://secunia.com/advisories/42290https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5303https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5315&action=edithttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.htmlhttp://www.securityfocus.com/bid/44986http://www.vupen.com/english/advisories/2011/0076http://secunia.com/advisories/42877http://www.exploit-db.com/exploits/15973http://www.vupen.com/english/advisories/2011/0212http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlhttp://secunia.com/advisories/43068https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14713https://nvd.nist.govhttps://www.exploit-db.com/exploits/15973/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook