Input validation error in Wireshark - CVE-2013-2488
Published: March 7, 2013 / Updated: July 28, 2020
Vulnerability identifier: #VU32719
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2013-2488
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Wireshark.org
Affected software:
Wireshark
Wireshark
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location.
How to mitigate CVE-2013-2488
Install update from vendor's website.
Sources
- http://anonsvn.wireshark.org/viewvc?view=revision&revision=48011
- http://lists.opensuse.org/opensuse-updates/2013-03/msg00065.html
- http://lists.opensuse.org/opensuse-updates/2013-03/msg00077.html
- http://secunia.com/advisories/52471
- http://www.debian.org/security/2013/dsa-2644
- http://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html
- http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html
- http://www.wireshark.org/security/wnpa-sec-2013-22.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8380
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16672