Wireshark M3UA 解析器拒绝服务漏洞(CVE-2014-2282)
发布日期:2014-03-10
更新日期:2014-03-15
受影响系统:
Wireshark Wireshark 1.8.0 - 1.8.12
Wireshark Wireshark 1.10.0 - 1.10.5
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 66070
CVE(CAN) ID: CVE-2014-2282
Wireshark是最流行的网络协议解析器。
WiresharkM3UA解析器在处理畸形数据包的实现上存在错误,可被恶意利用造成拒绝服务,也有可能执行任意代码。
<*来源:Laurent Butti.
链接:http://secunia.com/advisories/57265/
http://www.wireshark.org/security/wnpa-sec-2014-02.html
*>
建议:
--------------------------------------------------------------------------------
厂商补丁:
Wireshark
---------
Wireshark已经为此发布了一个安全公告(wnpa-sec-2014-02)以及相应补丁:
wnpa-sec-2014-02:wnpa-sec-2014-02 · M3UA dissector crash
链接:http://www.wireshark.org/security/wnpa-sec-2014-02.html
相关推荐
gaogaorimu 2020-07-18
Dukezhao 2020-07-04
Jungzhang 2020-06-28
LandryBean 2020-06-14
Dukezhao 2020-05-29
iamplane 2020-05-26
dancheng 2020-05-26
gaogaorimu 2020-05-26
Jungzhang 2020-05-19
gaogaorimu 2020-05-09
dancheng 2020-05-01
MAC2007 2020-05-01
Jungzhang 2020-04-22
Dukezhao 2020-04-16
dancheng 2020-04-15
Jungzhang 2020-04-08
michellechouu 2020-04-08
Dukezhao 2020-03-14
jiangfuqiang 2020-03-12