Vulnerability Details : CVE-2013-4081
The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet.
Vulnerability category: OverflowDenial of service
Products affected by CVE-2013-4081
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.6:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.7:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.10:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.9:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.8:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.11:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.12:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.5:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.13:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.6:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.14:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.15:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.7:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-4081
0.27%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 64 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-4081
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2013-4081
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-4081
-
http://anonsvn.wireshark.org/viewvc?view=revision&revision=49623
code.wireshark Code Review - wireshark.git/tree
-
http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
Wireshark: Multiple vulnerabilities (GLSA 201308-05) — Gentoo security
-
http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html
openSUSE-SU-2013:1084-1: moderate: update for wireshark
-
http://rhn.redhat.com/errata/RHSA-2014-0341.html
RHSA-2014:0341 - Security Advisory - Red Hat Customer Portal
-
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-http.c?r1=49623&r2=49622&pathrev=49623
code.wireshark Code Review - wireshark.git/tree
-
http://www.securityfocus.com/bid/60505
Wireshark CVE-2013-4081 Stack Buffer Overflow Vulnerability
-
http://www.wireshark.org/docs/relnotes/wireshark-1.6.16.html
Wireshark · Wireshark 1.6.16 Release NotesVendor Advisory
-
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8733
8733 – infinite recursion dissecting packetsVendor Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16820
Repository / Oval Repository
-
http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html
Wireshark · Wireshark 1.8.8 Release NotesVendor Advisory
-
http://www.mandriva.com/security/advisories?name=MDVSA-2013:172
mandriva.com
-
http://www.wireshark.org/security/wnpa-sec-2013-39.html
Wireshark · wnpa-sec-2013-39 · HTTP dissector crashVendor Advisory
-
http://www.debian.org/security/2013/dsa-2709
Debian -- Security Information -- DSA-2709-1 wireshark
-
http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html
openSUSE-SU-2013:1086-1: moderate: wireshark
Jump to