In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash. This was addressed in epan/dissectors/packet-amqp.c by checking for successful list dissection.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 03:07
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/99894 - | |
References | () http://www.securitytracker.com/id/1038966 - | |
References | () https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13780 - Issue Tracking, Patch, Vendor Advisory | |
References | () https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=a102c172b0b2fe231fdb49f4f6694603f5b93b0c - | |
References | () https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=e57c86ef8e3b57b7f90c224f6053d1eacf20e1ba - | |
References | () https://lists.debian.org/debian-lts-announce/2017/12/msg00029.html - | |
References | () https://www.debian.org/security/2017/dsa-4060 - | |
References | () https://www.wireshark.org/security/wnpa-sec-2017-34.html - Vendor Advisory |
07 Nov 2023, 02:38
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2017-07-18 21:29
Updated : 2024-11-21 03:07
NVD link : CVE-2017-11408
Mitre link : CVE-2017-11408
CVE.ORG link : CVE-2017-11408
JSON object : View
Products Affected
wireshark
- wireshark
CWE
CWE-20
Improper Input Validation