Back to search
CVE-2016-7180
Published: Sep 9, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark 2.x before 2.0.6 does not properly consider whether a string is constant, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://www.wireshark.org/security/wnpa-sec-2016-55.html
x_refsource_CONFIRM
1036760
vdb-entry
x_refsource_SECTRACK
DSA-3671
vendor-advisory
x_refsource_DEBIAN
https://code.wireshark.org/review/17289
x_refsource_CONFIRM
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12782
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now