CVE-2016-7177 - OpenCVE

epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 does not restrict the number of channels, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet.

No CVSS v3.1

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Debian	Debian Linux
Wireshark	Wireshark

Configuration 1 [-]

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:a:wireshark:wireshark:2.0.0:::::::*
	cpe:2.3:a:wireshark:wireshark:2.0.1:::::::*
	cpe:2.3:a:wireshark:wireshark:2.0.2:::::::*
	cpe:2.3:a:wireshark:wireshark:2.0.3:::::::*
	cpe:2.3:a:wireshark:wireshark:2.0.4:::::::*
	cpe:2.3:a:wireshark:wireshark:2.0.5:::::::*

References

Link	Resource
http://www.debian.org/security/2016/dsa-3671	Third Party Advisory
http://www.securitytracker.com/id/1036760	Third Party Advisory
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12750	Issue Tracking
https://code.wireshark.org/review/17096	Issue Tracking Patch
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=2e37b271c473e1cbd01d62ebe1f3b011fc9fe638
https://www.wireshark.org/security/wnpa-sec-2016-52.html	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2016-09-09T10:00:00

Updated: 2016-09-27T14:57:01

Reserved: 2016-09-08T00:00:00

Link: CVE-2016-7177

JSON object: View

NVD Information

Status : Modified

Published: 2016-09-09T10:59:03.213

Modified: 2023-11-07T02:34:16.343

Link: CVE-2016-7177

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-09-07T00:00:00", "descriptions": [{"lang": "en", "value": "epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 does not restrict the number of channels, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-09-27T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.wireshark.org/security/wnpa-sec-2016-52.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12750"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://code.wireshark.org/review/17096"}, {"name": "1036760", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1036760"}, {"name": "DSA-3671", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3671"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=2e37b271c473e1cbd01d62ebe1f3b011fc9fe638"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-7177", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 does not restrict the number of channels, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.wireshark.org/security/wnpa-sec-2016-52.html", "refsource": "CONFIRM", "url": "https://www.wireshark.org/security/wnpa-sec-2016-52.html"}, {"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12750", "refsource": "CONFIRM", "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12750"}, {"name": "https://code.wireshark.org/review/17096", "refsource": "CONFIRM", "url": "https://code.wireshark.org/review/17096"}, {"name": "1036760", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036760"}, {"name": "DSA-3671", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3671"}, {"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2e37b271c473e1cbd01d62ebe1f3b011fc9fe638", "refsource": "CONFIRM", "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2e37b271c473e1cbd01d62ebe1f3b011fc9fe638"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-7177", "datePublished": "2016-09-09T10:00:00", "dateReserved": "2016-09-08T00:00:00", "dateUpdated": "2016-09-27T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wireshark:wireshark:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "80E2A443-32DB-4C8B-8D2D-AE4F80A154A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EF0B55F-A412-48E2-9047-7CCA8442766D", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "C45C7F24-9B97-4FF6-AFE8-102EDA0B26D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D8BE013B-8615-49DB-939E-B7E289171467", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "FDB30F17-A41A-4F09-977F-AB91E509247E", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "D900BA83-D5D3-4A8D-8C32-D135A3E5190E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 does not restrict the number of channels, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet."}, {"lang": "es", "value": "epan/dissectors/packet-catapult-dct2000.c en el disector Catapult DCT2000 en Wireshark 2.x en versiones anteriores a 2.0.6 no restringe el n\u00famero de canales, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (sobrelectura de b\u00fafer y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de un paquete manipulado."}], "id": "CVE-2016-7177", "lastModified": "2023-11-07T02:34:16.343", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-09-09T10:59:03.213", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2016/dsa-3671"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.securitytracker.com/id/1036760"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12750"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch"], "url": "https://code.wireshark.org/review/17096"}, {"source": "cve@mitre.org", "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=2e37b271c473e1cbd01d62ebe1f3b011fc9fe638"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.wireshark.org/security/wnpa-sec-2016-52.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}