CVE-2015-8733 - OpenCVE

The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Wireshark	Wireshark

Configuration 1 [-]

OR	cpe:2.3:a:wireshark:wireshark:1.12.0:::::::*
	cpe:2.3:a:wireshark:wireshark:1.12.1:::::::*
	cpe:2.3:a:wireshark:wireshark:1.12.2:::::::*
	cpe:2.3:a:wireshark:wireshark:1.12.3:::::::*
	cpe:2.3:a:wireshark:wireshark:1.12.4:::::::*
	cpe:2.3:a:wireshark:wireshark:1.12.5:::::::*
	cpe:2.3:a:wireshark:wireshark:1.12.6:::::::*
	cpe:2.3:a:wireshark:wireshark:1.12.7:::::::*
	cpe:2.3:a:wireshark:wireshark:1.12.8:::::::*
	cpe:2.3:a:wireshark:wireshark:2.0.0:::::::*

References

Link	Resource
http://www.debian.org/security/2016/dsa-3505
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
http://www.securityfocus.com/bid/79814
http://www.securitytracker.com/id/1034551
http://www.wireshark.org/security/wnpa-sec-2015-51.html	Vendor Advisory
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=53a3e53fce30523d11ab3df319fba7b75d63076f
https://security.gentoo.org/glsa/201604-05

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2016-01-04T02:00:00

Updated: 2016-12-05T14:57:01

Reserved: 2016-01-03T00:00:00

Link: CVE-2015-8733

JSON object: View

NVD Information

Status : Modified

Published: 2016-01-04T05:59:23.863

Modified: 2023-11-07T02:28:40.667

Link: CVE-2015-8733

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-12-29T00:00:00", "descriptions": [{"lang": "en", "value": "The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-05T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=53a3e53fce30523d11ab3df319fba7b75d63076f"}, {"name": "DSA-3505", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3505"}, {"name": "79814", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/79814"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827"}, {"name": "GLSA-201604-05", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201604-05"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.wireshark.org/security/wnpa-sec-2015-51.html"}, {"name": "1034551", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1034551"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-8733", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=53a3e53fce30523d11ab3df319fba7b75d63076f", "refsource": "CONFIRM", "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=53a3e53fce30523d11ab3df319fba7b75d63076f"}, {"name": "DSA-3505", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3505"}, {"name": "79814", "refsource": "BID", "url": "http://www.securityfocus.com/bid/79814"}, {"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827", "refsource": "CONFIRM", "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827"}, {"name": "GLSA-201604-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201604-05"}, {"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"}, {"name": "http://www.wireshark.org/security/wnpa-sec-2015-51.html", "refsource": "CONFIRM", "url": "http://www.wireshark.org/security/wnpa-sec-2015-51.html"}, {"name": "1034551", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034551"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-8733", "datePublished": "2016-01-04T02:00:00", "dateReserved": "2016-01-03T00:00:00", "dateUpdated": "2016-12-05T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "29AC5E99-9C21-4C2E-AE68-A4B887318577", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:1.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "B90C8934-01D8-4027-8A38-0B3230CC5077", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:1.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "49C89A62-69E2-40C5-9C75-FA6601A935A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:1.12.3:*:*:*:*:*:*:*", "matchCriteriaId": "1946DDC9-E49F-4601-8448-E73B0480C880", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:1.12.4:*:*:*:*:*:*:*", "matchCriteriaId": "E2F85560-F43E-46C5-9CD1-1A1D66E21580", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:1.12.5:*:*:*:*:*:*:*", "matchCriteriaId": "2518D86A-623D-431E-9574-32B677D5FB94", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:1.12.6:*:*:*:*:*:*:*", "matchCriteriaId": "FEA2B085-01D2-4707-A9F7-6545E4D6D99A", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:1.12.7:*:*:*:*:*:*:*", "matchCriteriaId": "FE4BBF1A-4303-456C-AD19-F5BCF6FDD76B", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:1.12.8:*:*:*:*:*:*:*", "matchCriteriaId": "AD3D5FFB-1A09-4A06-8E83-DF72E39E1891", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "80E2A443-32DB-4C8B-8D2D-AE4F80A154A1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file."}, {"lang": "es", "value": "La funci\u00f3n ngsniffer_process_record en wiretap/ngsniffer.c en el analizador de archivo Sniffer en Wireshark 1.12.x en versiones anteriores a 1.12.9 y 2.0.x en versiones anteriores a 2.0.1 no valida las relaciones entre la longitud de los registros y la longitud de las cabeceras de los registros, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (lectura fuera de rango y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un archivo manipulado."}], "id": "CVE-2015-8733", "lastModified": "2023-11-07T02:28:40.667", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-01-04T05:59:23.863", "references": [{"source": "cve@mitre.org", "url": "http://www.debian.org/security/2016/dsa-3505"}, {"source": "cve@mitre.org", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/79814"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1034551"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.wireshark.org/security/wnpa-sec-2015-51.html"}, {"source": "cve@mitre.org", "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827"}, {"source": "cve@mitre.org", "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=53a3e53fce30523d11ab3df319fba7b75d63076f"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201604-05"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}