Vulnerability Details : CVE-2010-0304
Public exploit exists!
Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the dissect_getaddrsbyname_request function.
Vulnerability category: OverflowDenial of service
Products affected by CVE-2010-0304
- cpe:2.3:a:wireshark:wireshark:0.9.15:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.0.10:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2010-0304
93.86%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2010-0304
-
Wireshark LWRES Dissector getaddrsbyname_request Buffer Overflow
Disclosure Date: 2010-01-27First seen: 2020-04-26exploit/multi/misc/wireshark_lwres_getaddrbynameThe LWRES dissector in Wireshark version 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allows remote attackers to execute arbitrary code due to a stack-based buffer overflow. This bug found and reported by babi. This particular exploit targets the dissect_getaddrs -
Wireshark LWRES Dissector getaddrsbyname_request Buffer Overflow (loop)
Disclosure Date: 2010-01-27First seen: 2020-04-26exploit/multi/misc/wireshark_lwres_getaddrbyname_loopThe LWRES dissector in Wireshark version 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allows remote attackers to execute arbitrary code due to a stack-based buffer overflow. This bug found and reported by babi. This particular exploit targets the dissect_getaddrs
CVSS scores for CVE-2010-0304
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2010-0304
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-0304
-
http://anonsvn.wireshark.org/viewvc/trunk-1.2/epan/dissectors/packet-lwres.c?view=diff&r1=31596&r2=28492&diff_format=h
code.wireshark Code Review - wireshark.git/tree
-
http://www.wireshark.org/security/wnpa-sec-2010-02.html
Wireshark · wnpa-sec-2010-02 · LWRES vulnerability in WiresharkVendor Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9933
Repository / Oval Repository
-
http://www.wireshark.org/security/wnpa-sec-2010-01.html
Wireshark · wnpa-sec-2010-01 · Multiple vulnerabilities in Wireshark
-
http://www.mandriva.com/security/advisories?name=MDVSA-2010:031
mandriva.com
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8490
Repository / Oval Repository
-
http://www.debian.org/security/2010/dsa-1983
Debian -- Security Information -- DSA-1983-1 wireshark
-
http://www.securityfocus.com/bid/37985
Wireshark Dissector LWRES Multiple Buffer Overflow VulnerabilitiesExploit
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/55951
Wireshark LWRES buffer overflow CVE-2010-0304 Vulnerability Report
-
http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036415.html
[SECURITY] Fedora 12 Update: wireshark-1.2.6-1.fc12
-
http://www.securitytracker.com/id?1023516
Wireshark Buffer Overflows in LWRES Dissector Let Remote Users Deny Service - SecurityTracker
-
http://www.metasploit.com/modules/exploit/multi/misc/wireshark_lwres_getaddrbyname
-
http://www.openwall.com/lists/oss-security/2010/01/29/4
oss-security - Re: CVE id request: Wireshark
-
http://www.vupen.com/english/advisories/2010/0239
Webmail | OVH- OVHPatch;Vendor Advisory
Jump to