Back to search
CVE-2013-5718
Published: Sep 13, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
The dissect_nbap_T_dCH_ID function in epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not restrict the dch_id value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
openSUSE-SU-2013:1481
vendor-advisory
x_refsource_SUSE
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9005
x_refsource_CONFIRM
55022
third-party-advisory
x_refsource_SECUNIA
https://www.wireshark.org/security/wnpa-sec-2013-55.html
x_refsource_CONFIRM
oval:org.mitre.oval:def:18784
vdb-entry
signature
x_refsource_OVAL
http://anonsvn.wireshark.org/viewvc?view=revision&revision=51195
x_refsource_CONFIRM
DSA-2756
vendor-advisory
x_refsource_DEBIAN
54812
third-party-advisory
x_refsource_SECUNIA
openSUSE-SU-2013:1483
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now