CVE-2017-9351 - OpenCVE

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Wireshark	Wireshark

Configuration 1 [-]

OR	cpe:2.3:a:wireshark:wireshark::::::::
	cpe:2.3:a:wireshark:wireshark::::::::

References

Link	Resource
http://www.securityfocus.com/bid/98808	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1038612	Third Party Advisory VDB Entry
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1153	Issue Tracking Third Party Advisory
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1183	Issue Tracking Third Party Advisory
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13609	Issue Tracking Patch Vendor Advisory
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13628	Issue Tracking Patch Vendor Advisory
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=a6e033c14da13bd5f72dfe07a347586517639d12
https://www.wireshark.org/security/wnpa-sec-2017-24.html	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-06-02T05:04:00

Updated: 2017-07-07T09:57:01

Reserved: 2017-06-01T00:00:00

Link: CVE-2017-9351

JSON object: View

NVD Information

Status : Modified

Published: 2017-06-02T05:29:00.543

Modified: 2023-11-07T02:50:45.250

Link: CVE-2017-9351

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-06-02T00:00:00", "descriptions": [{"lang": "en", "value": "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-07T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1183"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1153"}, {"name": "98808", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/98808"}, {"tags": ["x_refsource_MISC"], "url": "https://www.wireshark.org/security/wnpa-sec-2017-24.html"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13609"}, {"tags": ["x_refsource_MISC"], "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=a6e033c14da13bd5f72dfe07a347586517639d12"}, {"name": "1038612", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1038612"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13628"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-9351", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1183", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1183"}, {"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1153", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1153"}, {"name": "98808", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98808"}, {"name": "https://www.wireshark.org/security/wnpa-sec-2017-24.html", "refsource": "MISC", "url": "https://www.wireshark.org/security/wnpa-sec-2017-24.html"}, {"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13609", "refsource": "MISC", "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13609"}, {"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a6e033c14da13bd5f72dfe07a347586517639d12", "refsource": "MISC", "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a6e033c14da13bd5f72dfe07a347586517639d12"}, {"name": "1038612", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038612"}, {"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13628", "refsource": "MISC", "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13628"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-9351", "datePublished": "2017-06-02T05:04:00", "dateReserved": "2017-06-01T00:00:00", "dateUpdated": "2017-07-07T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*", "matchCriteriaId": "B8897112-A1DB-4EB1-B94D-F3C8D8FE70FE", "versionEndIncluding": "2.0.12", "versionStartIncluding": "2.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*", "matchCriteriaId": "02A5743A-630C-4DCD-954D-5F3FA1595DFC", "versionEndIncluding": "2.2.6", "versionStartIncluding": "2.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully."}, {"lang": "es", "value": "Fue encontrada una Vulnerabilidad en Wireshark versi\u00f3n 2.2.0 hasta 2.2.6 y versi\u00f3n 2.0.0 hasta 2.0.12, el disector DHCP pudo leer m\u00e1s all\u00e1 del final de un b\u00fafer. Esto se solucion\u00f3 en EPAN/dissectors/Packet-BOOTP.c mediante extracci\u00f3n del identificador de clase de proveedor con m\u00e1s detenimiento."}], "id": "CVE-2017-9351", "lastModified": "2023-11-07T02:50:45.250", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-06-02T05:29:00.543", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/98808"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1038612"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1153"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1183"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13609"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13628"}, {"source": "cve@mitre.org", "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=a6e033c14da13bd5f72dfe07a347586517639d12"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.wireshark.org/security/wnpa-sec-2017-24.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}