CVE-2017-5596 - OpenCVE

In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Wireshark	Wireshark

Configuration 1 [-]

OR	cpe:2.3:a:wireshark:wireshark:2.0.0:::::::*
	cpe:2.3:a:wireshark:wireshark:2.0.1:::::::*
	cpe:2.3:a:wireshark:wireshark:2.0.2:::::::*
	cpe:2.3:a:wireshark:wireshark:2.0.3:::::::*
	cpe:2.3:a:wireshark:wireshark:2.0.4:::::::*
	cpe:2.3:a:wireshark:wireshark:2.0.5:::::::*
	cpe:2.3:a:wireshark:wireshark:2.0.6:::::::*
	cpe:2.3:a:wireshark:wireshark:2.0.7:::::::*
	cpe:2.3:a:wireshark:wireshark:2.0.8:::::::*
	cpe:2.3:a:wireshark:wireshark:2.0.9:::::::*
	cpe:2.3:a:wireshark:wireshark:2.2.0:::::::*
	cpe:2.3:a:wireshark:wireshark:2.2.1:::::::*
	cpe:2.3:a:wireshark:wireshark:2.2.2:::::::*
	cpe:2.3:a:wireshark:wireshark:2.2.3:::::::*

References

Link	Resource
http://www.debian.org/security/2017/dsa-3811
http://www.securityfocus.com/bid/95795	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1037694
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13344	Issue Tracking Patch Third Party Advisory VDB Entry
https://code.wireshark.org/review/#/c/19746/	Patch Vendor Advisory
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=781f03580c81339513bb1238b202b72469a1240b
https://www.wireshark.org/security/wnpa-sec-2017-01.html	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-01-25T21:00:00

Updated: 2017-11-03T18:57:01

Reserved: 2017-01-25T00:00:00

Link: CVE-2017-5596

JSON object: View

NVD Information

Status : Modified

Published: 2017-01-25T21:59:00.137

Modified: 2023-11-07T02:49:26.757

Link: CVE-2017-5596

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-01-25T00:00:00", "descriptions": [{"lang": "en", "value": "In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-11-03T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=781f03580c81339513bb1238b202b72469a1240b"}, {"name": "95795", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/95795"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13344"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.wireshark.org/security/wnpa-sec-2017-01.html"}, {"name": "DSA-3811", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2017/dsa-3811"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://code.wireshark.org/review/#/c/19746/"}, {"name": "1037694", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1037694"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-5596", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=781f03580c81339513bb1238b202b72469a1240b", "refsource": "CONFIRM", "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=781f03580c81339513bb1238b202b72469a1240b"}, {"name": "95795", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95795"}, {"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13344", "refsource": "CONFIRM", "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13344"}, {"name": "https://www.wireshark.org/security/wnpa-sec-2017-01.html", "refsource": "CONFIRM", "url": "https://www.wireshark.org/security/wnpa-sec-2017-01.html"}, {"name": "DSA-3811", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3811"}, {"name": "https://code.wireshark.org/review/#/c/19746/", "refsource": "CONFIRM", "url": "https://code.wireshark.org/review/#/c/19746/"}, {"name": "1037694", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037694"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-5596", "datePublished": "2017-01-25T21:00:00", "dateReserved": "2017-01-25T00:00:00", "dateUpdated": "2017-11-03T18:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wireshark:wireshark:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "80E2A443-32DB-4C8B-8D2D-AE4F80A154A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EF0B55F-A412-48E2-9047-7CCA8442766D", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "C45C7F24-9B97-4FF6-AFE8-102EDA0B26D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D8BE013B-8615-49DB-939E-B7E289171467", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "FDB30F17-A41A-4F09-977F-AB91E509247E", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "D900BA83-D5D3-4A8D-8C32-D135A3E5190E", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "A630396B-1D60-4C45-9A45-F15E542B1C1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "F9A6D9AC-17D2-4A8F-A32A-23E8854D5514", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "03EF9BF7-868D-4E3C-978D-B3B5241011B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "B0F77523-59BD-431A-A790-C3886D337EEA", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "32F65580-D1F4-4ABC-A358-545BF29D8089", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E6568A81-BE0B-4AEF-808C-74CD0C2EE9FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "DFFBDC3C-3701-4890-8AA5-AD96EB528F05", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:2.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "AB13134E-A2E8-46A5-88B2-E2C2C24B6780", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow."}, {"lang": "es", "value": "En Wireshark 2.2.0 hasta la versi\u00f3n 2.2.3 y 2.0.0 hasta la versi\u00f3n 2.0.9, el disector ASTERIX podr\u00eda entrar en un bucle infinito, desencadenado por la inyecci\u00f3n de paquetes o un archivo de captura mal formado. Esto fue abordado en epan/dissectors/packet-asterix.c cambiando un tipo de datos para evitar un desbordamiento de enteros."}], "evaluatorComment": "<a href=\"http://cwe.mitre.org/data/definitions/835.html\">CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')</a>", "id": "CVE-2017-5596", "lastModified": "2023-11-07T02:49:26.757", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-01-25T21:59:00.137", "references": [{"source": "cve@mitre.org", "url": "http://www.debian.org/security/2017/dsa-3811"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/95795"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1037694"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory", "VDB Entry"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13344"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://code.wireshark.org/review/#/c/19746/"}, {"source": "cve@mitre.org", "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=781f03580c81339513bb1238b202b72469a1240b"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.wireshark.org/security/wnpa-sec-2017-01.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}, {"lang": "en", "value": "CWE-835"}], "source": "nvd@nist.gov", "type": "Primary"}]}