漏洞信息详情

Wireshark 协议解析器CPHAP 未明拒绝服务漏洞

漏洞简介

Wireshark之前名为Ethereal,是一款非常流行的网络协议分析工具。

Wireshark的CPHAP协议解析模块中存在拒绝服务漏洞。如果用户受骗从网络抓取了恶意的CPHA FWHA_MY_STATE报文或读取了恶意抓包文件的话,就会导致解析模块崩溃。

漏洞公告

目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:

http://media-2.cacetech.com/wireshark/src/wireshark-1.0.7.tar.bz2

参考网址

来源: FEDORA

名称: FEDORA-2009-5382

链接:https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01213.html

来源: FEDORA

名称: FEDORA-2009-5339

链接:https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01167.html

来源: FEDORA

名称: FEDORA-2009-3599

链接:https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00675.html

来源: MISC

链接:https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3269

来源: XF

名称: wireshark-cphap-dos(49815)

链接:http://xforce.iss.net/xforce/xfdb/49815

来源: www.wireshark.org

链接:http://www.wireshark.org/security/wnpa-sec-2009-02.html

来源: SECTRACK

名称: 1022027

链接:http://www.securitytracker.com/id?1022027

来源: BID

名称: 34457

链接:http://www.securityfocus.com/bid/34457

来源: BUGTRAQ

名称: 20090417 rPSA-2009-0062-1 tshark wireshark

链接:http://www.securityfocus.com/archive/1/archive/1/502745/100/0/threaded

来源: REDHAT

名称: RHSA-2009:1100

链接:http://www.redhat.com/support/errata/RHSA-2009-1100.html

来源: MANDRIVA

名称: MDVSA-2009:088

链接:http://www.mandriva.com/security/advisories?name=MDVSA-2009:088

来源: DEBIAN

名称: DSA-1785

链接:http://www.debian.org/security/2009/dsa-1785

来源: wiki.rpath.com

链接:http://wiki.rpath.com/Advisories:rPSA-2009-0062

来源: SECUNIA

名称: 35464

链接:http://secunia.com/advisories/35464

来源: SECUNIA

名称: 35416

链接:http://secunia.com/advisories/35416

来源: SECUNIA

名称: 35224

链接:http://secunia.com/advisories/35224

来源: SECUNIA

名称: 35133

链接:http://secunia.com/advisories/35133

来源: SECUNIA

名称: 34970

链接:http://secunia.com/advisories/34970

来源: SECUNIA

名称: 34778

链接:http://secunia.com/advisories/34778

来源: SUSE

名称: SUSE-SR:2009:011

链接:http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html

补丁

    暂无

漏洞信息快速查询

相关漏洞

更多