CVE Vulnerabilities

CVE-2012-6057

Published: Dec 05, 2012 | Modified: Sep 19, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The dissect_eigrp_metric_comm function in epan/dissectors/packet-eigrp.c in the EIGRP dissector in Wireshark 1.8.x before 1.8.4 uses the wrong data type for a certain offset value, which allows remote attackers to cause a denial of service (integer overflow and infinite loop) via a malformed packet.

Affected Software

Name Vendor Start Version End Version
Wireshark Wireshark 1.8.2 1.8.2
Wireshark Wireshark 1.8.3 1.8.3
Wireshark Wireshark 1.8.1 1.8.1
Wireshark Wireshark 1.8.0 1.8.0

References