您的位置:

网络抓包工具Wireshark再爆DoS漏洞CVE-2017-17935

发布时间:2017年12月30日 18:26    浏览量:6892


网络抓包工具Wireshark 再爆 DoS漏洞 ,CVEID为CVE-2017-17935。此次问题出在  'epan/wslua/wslua_file.c' 模块上,因为它未能妥善处理某些类型的数据包,导致攻击者容易发起 DoS攻击 。Wireshark版本2.2.11及以前版本均受影响。

12月初, 网络抓包工具Wireshark曾出现过DoS漏洞CVE-2017-17085 ,当时问题出在epan/dissectors/packet-cipsafety.c 模块上 (小编,看燕子后续还有可能在其他模块上出现问题)

Wireshark是什么

网络抓包该工具Wireshark (前称Ethereal)是一个网络封包分析软件,网络分析人群中有一定的使用量。网络封包分析软件的功能是抓取网络封包,并尽可能显示出最为详细的网络封包资料。就在7月份, 网络抓包工具wireshark发布2.4.0, 新增加了21个功能

Wireshark DoS漏洞CVE-2017-17935

SecurityFocus评价

Wireshark是容易出现服务漏洞远程拒绝,因为它未能妥善处理某些类型的数据包。攻击者可以利用此问题来崩溃受影响的应用程序,拒绝向合法用户提供服务。

Wireshark版本2.2.11及以前版本均受影响。

Bugtraq ID: 102311
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2017-17935
Remote: Yes
Local: No
Published: Dec 27 2017 12:00AM
Updated: Dec 27 2017 12:00AM
Credit: Young
Vulnerable: Wireshark Wireshark 2.2.11
Wireshark Wireshark 2.2.10
Wireshark Wireshark 2.2.9
Wireshark Wireshark 2.2.8
Wireshark Wireshark 2.2.7
Wireshark Wireshark 2.2.6
Wireshark Wireshark 2.2.5
Wireshark Wireshark 2.2.4
Wireshark Wireshark 2.2.3
Wireshark Wireshark 2.2.2
Wireshark Wireshark 2.2.1
Wireshark Wireshark 2.2
Wireshark Wireshark 1.12.13
Wireshark Wireshark 1.12.12
Wireshark Wireshark 1.12.11
Wireshark Wireshark 1.12.10
Wireshark Wireshark 1.12.8
Wireshark Wireshark 1.12.7
Wireshark Wireshark 1.12.6
Wireshark Wireshark 1.12.3
Wireshark Wireshark 1.12.2
Wireshark Wireshark 1.12.1
Wireshark Wireshark 1.12
Wireshark Wireshark 1.10.14
Wireshark Wireshark 1.10.13
Wireshark Wireshark 1.10.12
Wireshark Wireshark 1.10.11
Wireshark Wireshark 1.10.10
Wireshark Wireshark 1.10.8
Wireshark Wireshark 1.10.7
Wireshark Wireshark 1.10.6
Wireshark Wireshark 1.10.5
Wireshark Wireshark 1.10.4
Wireshark Wireshark 1.10.3
Wireshark Wireshark 1.10.2
Wireshark Wireshark 1.10.1
Wireshark Wireshark 1.10
Wireshark Wireshark 1.8.13
Wireshark Wireshark 1.8.11
Wireshark Wireshark 1.8.10
Wireshark Wireshark 1.8.9
Wireshark Wireshark 1.8.7
Wireshark Wireshark 1.8.6
Wireshark Wireshark 1.8.5
Wireshark Wireshark 1.8.4
Wireshark Wireshark 1.5
Wireshark Wireshark 1.4.3
Wireshark Wireshark 1.2.18
Wireshark Wireshark 1.2.17
Wireshark Wireshark 1.2.16
Wireshark Wireshark 1.2.10
Wireshark Wireshark 1.2.9
Wireshark Wireshark 1.2.8
Wireshark Wireshark 1.2.7
Wireshark Wireshark 1.2.6
Wireshark Wireshark 1.2.5
Wireshark Wireshark 1.2.4
Wireshark Wireshark 1.2.3
Wireshark Wireshark 1.2.2
Wireshark Wireshark 1.2.1
Wireshark Wireshark 1.2
Wireshark Wireshark 1.0.15
Wireshark Wireshark 1.0.14
Wireshark Wireshark 1.0.13
Wireshark Wireshark 1.0.12
Wireshark Wireshark 1.0.11
Wireshark Wireshark 1.0.10
Wireshark Wireshark 1.0.9
Wireshark Wireshark 1.0.8
Wireshark Wireshark 1.0.7
Wireshark Wireshark 1.0.6
Wireshark Wireshark 1.0.5
Wireshark Wireshark 1.0.4
Wireshark Wireshark 1.0.3
Wireshark Wireshark 1.0.2
Wireshark Wireshark 1.0.1
Wireshark Wireshark 1.0
Wireshark Wireshark 0.99.8
Wireshark Wireshark 0.99.7
Wireshark Wireshark 0.99.6
Wireshark Wireshark 0.99.5
Wireshark Wireshark 0.99.4
Wireshark Wireshark 0.99.3
Wireshark Wireshark 0.99.2
Wireshark Wireshark 0.99.1
Wireshark Wireshark 0.99
Wireshark Wireshark 0.10.14
Wireshark Wireshark 0.10.13
Wireshark Wireshark 0.10.12
Wireshark Wireshark 0.10.11
Wireshark Wireshark 0.10.10
Wireshark Wireshark 0.10.9
Wireshark Wireshark 0.10.8
Wireshark Wireshark 0.10.7
Wireshark Wireshark 0.10.6
Wireshark Wireshark 0.10.4
Wireshark Wireshark 0.10.3
Wireshark Wireshark 0.10.2
Wireshark Wireshark 0.10.1
Wireshark Wireshark 0.10
Wireshark Wireshark 0.9.14
Wireshark Wireshark 0.9.10
Wireshark Wireshark 0.9.6
Wireshark Wireshark 0.9.5
Wireshark Wireshark 0.9.2
Wireshark Wireshark 0.8.20
Wireshark Wireshark 0.8.19
Wireshark Wireshark 0.8.16
Wireshark Wireshark 0.7.9
Wireshark Wireshark 0.6
Wireshark Wireshark 1.8.8
Wireshark Wireshark 1.8.3
Wireshark Wireshark 1.8.2
Wireshark Wireshark 1.8.1
Wireshark Wireshark 1.5.1
Wireshark Wireshark 1.4.0
Wireshark Wireshark 1.2.15
Wireshark Wireshark 1.2.14
Wireshark Wireshark 1.2.13
Wireshark Wireshark 1.2.12
Wireshark Wireshark 1.2.11
Wireshark Wireshark 1.12.9
Wireshark Wireshark 1.12.5
Wireshark Wireshark 1.12.4
Wireshark Wireshark 1.10.9
Wireshark Wireshark 1.10
Wireshark Wireshark 1.0.16
Wireshark Wireshark 0.99.6A
Wireshark Wireshark 0.99
Wireshark Wireshark 0.9.8
Wireshark Wireshark 0.9.7
Wireshark Wireshark 0.10
Redhat Enterprise Linux 7
Redhat Enterprise Linux 6
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Redhat Enterprise Linux 5
Not Vulnerable:
本文由:SecurityFocus 发布,版权归属于原作者。
如果转载,请注明出处及本文链接:
http://toutiao.secjia.com/wireshark-rdos-cve-2017-17935
如果此文章侵权,请留言,我们进行删除。

全行业Wireshark漏洞CVE-2017-17935wiresharkdos漏洞dos攻击网络抓包工具wireshark

相关阅读

网络抓包工具Wireshark DoS漏洞CVE-2017-17085

问题出在epan/dissectors/packet-cipsafety.c 模块上,因为它未能妥善处理某些类型的数据包,导致攻击者容易发起DoS攻击。

2017年12月7日 09:42 · 8247人气 · 0评论

网络抓包工具Wireshark再爆2个DoS漏洞CVE-2018-5334/5

问题是由于 wiretap/vwr.c 模块修正签名时间戳的边界检查,存在问题。同时还应该关注CVE-2018-5335,也是一个DoS漏洞,问题出在WCP Dissector 'epan/dissectors/packet-wcp.c 模块上。

2018年1月15日 11:14 · 5891人气 · 0评论

网络抓包工具Wireshark再爆DoS漏洞CVE-2018-7420

wiretap/pcapng.c模块中,攻击者可以通过注射一种畸形数据包到wireshark,或说服别人来读一个畸形数据包跟踪文件,进而让Wireshark崩溃。这是今年Wireshark的第二次DoS漏洞。

2018年3月2日 13:21 · 834人气 · 0评论

文章评论