๐ Wireshark 1.6.0 up to 1.10.0 DCP ETSI Dissector packet-dcp-etsi.c dissect_pft Fragment Length input validation
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: vuldb.com
A vulnerability classified as problematic was found in Wireshark (Packet Analyzer Software). Affected by this vulnerability is the function dissect_pft
of the file packet-dcp-etsi.c of the component DCP ETSI Dissector. Upgrading to version 1.6.16 or 1.8.8 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at anonsvn.wireshark.org. The best possible mitigation is suggested to be upgrading to the latest version. A possible mitigation has been published 2 weeks after the disclosure of the vulnerability. ...