Published: 17/11/2016 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wireshark wireshark 2.0.0
wireshark wireshark 2.0.4
wireshark wireshark 2.2.0
wireshark wireshark 2.0.1
wireshark wireshark 2.2.1
wireshark wireshark 2.0.7
wireshark wireshark 2.0.2
wireshark wireshark 2.0.3
wireshark wireshark 2.0.6
wireshark wireshark 2.0.5
debian debian linux 8.0

In Wireshark 220 to 221 and 200 to 207, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file This was addressed in epan/dissectors/packet-dtnc by checking whether SDNV evaluation was successful ...

CWE-20 CWE-399 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13097 https://www.wireshark.org/security/wnpa-sec-2016-62.html http://www.securityfocus.com/bid/94369 http://www.debian.org/security/2016/dsa-3719 http://www.securitytracker.com/id/1037313 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=be6a10afc59f8182b9884d02f9857d547539fe8a https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2016-9375

CVE-2016-9375

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect