Wireshark Ptvcursor Denial-of-Service Vulnerability (CVE-2015-6248)
Wireshark Ptvcursor Denial-of-Service Vulnerability (CVE-2015-6248)
Release date:
Updated on:
Affected Systems:
Wireshark Wireshark 1.12.x
Description:
Bugtraq id: 76387
CVE (CAN) ID: CVE-2015-6248
Wireshark is the most popular network protocol parser.
Wireshark versions earlier than 1.12.7, epan/proto. c In the implementation of ptvcursor, The ptvcursor_add function does not check whether the expected data volume is available. This allows remote attackers to exploit this vulnerability to cause DoS (application crash) by constructing packets ).
<* Source: Antti Levom & #195; ¤ ki
*>
Suggestion:
Vendor patch:
Wireshark
---------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Https://bugs.wireshark.org/bugzilla/show_bug.cgi? Id = 11358
Http://www.wireshark.org/security/wnpa-sec-2015-26.html
Https://code.wireshark.org/review/gitweb? P = wireshark. git; a = commit; h = 5523726e6960fe9d7e301376fd7a94599f65fd42
Install Wireshark in Ubuntu 13.10
Simple use of Wireshark
Install Wireshark in Ubuntu 12.04
Starting Wireshark packet capture from common users in Linux
Install and run Wireshark in Linux
Wireshark details: click here
Wireshark: click here
This article permanently updates the link address: