Vulnerability Details : CVE-2013-1580
The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a position variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
Vulnerability category: Input validationDenial of service
Products affected by CVE-2013-1580
- cpe:2.3:a:wireshark:wireshark:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.6:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.7:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.10:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.9:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.8:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.11:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.12:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.4:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-1580
0.18%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 55 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-1580
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.9
|
LOW | AV:A/AC:M/Au:N/C:N/I:N/A:P |
5.5
|
2.9
|
NIST |
CWE ids for CVE-2013-1580
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-1580
-
http://www.wireshark.org/security/wnpa-sec-2013-01.html
Wireshark · wnpa-sec-2013-01 · Infinite and large loops in several dissectorsVendor Advisory
-
http://anonsvn.wireshark.org/viewvc?view=revision&revision=47045
code.wireshark Code Review - wireshark.git/tree
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15509
Repository / Oval Repository
-
http://anonsvn.wireshark.org/viewvc/trunk/plugins/docsis/packet-cmstatus.c?r1=47045&r2=47044&pathrev=47045
code.wireshark Code Review - wireshark.git/tree
-
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8199
8199 – CMSSTATUS dissector hangs
-
http://lists.opensuse.org/opensuse-updates/2013-02/msg00028.html
openSUSE-SU-2013:0276-1: moderate: wireshark: update to 1.8.5
-
http://lists.opensuse.org/opensuse-updates/2013-02/msg00037.html
openSUSE-SU-2013:0285-1: moderate: wireshark: update to 1.8.5
Jump to