Published: 16/11/2023 Updated: 11/02/2024

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 0

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file

Vulnerable Product	Search on Vulmon	Subscribe to Product
wireshark wireshark
debian debian linux 12.0

A vulnerability was discovered in the SSH dissector of Wireshark, a network protocol analyzer, which could result in denial of service or potentially the execution of arbitrary code For the stable distribution (bookworm), these problems have been fixed in version 4011-1~deb12u1 We recommend that you upgrade your wireshark packages For the deta ...

DescriptionAn invalid memory block read was found in Wireshark's SSH dissector This issue may lead to an application crash and denial of service via packet injection or crafted capture fileAn invalid memory block read was found in Wireshark's SSH dissector This issue may lead to an application crash and denial of service via packet inject ...

CWE-74 https://www.wireshark.org/security/wnpa-sec-2023-28.html https://gitlab.com/wireshark/wireshark/-/issues/19369 https://www.debian.org/security/2023/dsa-5559 https://security.gentoo.org/glsa/202402-09 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34DBP5P2RHQ7XUABPANYYMOGV5KS6VEP/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MADSCHKZSCKQ5NLIX3UMOIJD2JZ65L4V/https://www.debian.org/security/2023/dsa-5559 https://nvd.nist.gov

CVE-2023-6174

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect