Vulnerability Details : CVE-2014-2281
Potential exploit
The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.
Vulnerability category: Memory CorruptionInput validationDenial of service
Products affected by CVE-2014-2281
- cpe:2.3:a:wireshark:wireshark:1.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.5:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.6:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.7:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.8:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.9:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.10:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.11:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.12:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.4:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.5:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-2281
0.66%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 79 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-2281
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST |
CWE ids for CVE-2014-2281
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-2281
-
http://rhn.redhat.com/errata/RHSA-2014-0342.html
RHSA-2014:0342 - Security Advisory - Red Hat Customer Portal
-
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9672
9672 – Memory corruption in packet-nfs.cExploit;Patch
-
http://www.debian.org/security/2014/dsa-2871
Debian -- Security Information -- DSA-2871-1 wireshark
-
http://www.securitytracker.com/id/1029907
Wireshark NFS/M3UA/RLC Dissector Bugs Let Remote Users Deny Service and MPEG Buffer Overflow Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
http://rhn.redhat.com/errata/RHSA-2014-0341.html
RHSA-2014:0341 - Security Advisory - Red Hat Customer Portal
-
http://lists.opensuse.org/opensuse-updates/2014-03/msg00047.html
openSUSE-SU-2014:0383-1: moderate: wireshark to 1.8.13
-
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-nfs.c?r1=54875&r2=54874&pathrev=54875
code.wireshark Code Review - wireshark.git/treePatch
-
http://lists.opensuse.org/opensuse-updates/2014-03/msg00046.html
openSUSE-SU-2014:0382-1: moderate: wireshark to 1.8.13/1.10.6
-
http://www.wireshark.org/security/wnpa-sec-2014-01.html
Wireshark · wnpa-sec-2014-01 · NFS dissector crashVendor Advisory
-
http://anonsvn.wireshark.org/viewvc?view=revision&revision=54875
code.wireshark Code Review - wireshark.git/treePatch
-
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark10
Multiple vulnerabilities in Wireshark | Oracle Third Party Vulnerability Resolution Blog
Jump to