Back to search
CVE-2012-5238
Published: Oct 4, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of (1) PPP and (2) LCP data, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a malformed packet.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7668
x_refsource_CONFIRM
55754
vdb-entry
x_refsource_BID
oval:org.mitre.oval:def:15593
vdb-entry
signature
x_refsource_OVAL
http://anonsvn.wireshark.org/viewvc?view=revision&revision=44688
x_refsource_CONFIRM
http://www.wireshark.org/security/wnpa-sec-2012-27.html
x_refsource_CONFIRM
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7316
x_refsource_CONFIRM
1027604
vdb-entry
x_refsource_SECTRACK
wireshark-ppp-dissector-dos(79010)
vdb-entry
x_refsource_XF
http://anonsvn.wireshark.org/viewvc?view=revision&revision=42989
x_refsource_CONFIRM
85883
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now