Published: 23/02/2018 Updated: 24/08/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 dissector could crash. This was addressed in epan/crypt/airpdcap.c by rejecting lengths that are too small.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

wireshark wireshark

debian debian linux 7.0

debian debian linux 8.0

debian debian linux 9.0

Vendor Advisories

A denial of service flaw was found in the IEEE 80211 dissector in Wireshark A remote network attacker could potentially use this flaw to crash Wireshark by tricking it into processing a crafted packet ...
It was discovered that Wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for PCP, ADB, NBAP, UMTS MAC, IEEE 80211, SIGCOMP, LDSS, GSM A DTAP and Q931, which result in denial of service or the execution of arbitrary code For the oldstable distribution (jessie), these problems have been fixed in version 1 ...
Oracle Solaris Third Party Bulletin - January 2018 Description The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critica ...