Vulnerability Details : CVE-2017-6471
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a WSP infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by validating the capability length.
Vulnerability category: Input validation
Products affected by CVE-2017-6471
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-6471
0.22%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 60 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-6471
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2017-6471
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-6471
-
https://www.wireshark.org/security/wnpa-sec-2017-05.html
Wireshark · wnpa-sec-2017-05 · WSP infinite loopVendor Advisory
-
http://www.securityfocus.com/bid/96564
Wireshark WSP Dissector 'tcp_graph.c' Denial of Service VulnerabilityThird Party Advisory;VDB Entry
-
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13348
13348 – Fuzzed PCAP causes large memory usage in dissect_wspIssue Tracking;Patch;Vendor Advisory
-
http://www.debian.org/security/2017/dsa-3811
Debian -- Security Information -- DSA-3811-1 wiresharkThird Party Advisory
-
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=62afef41277dfac37f515207ca73d33306e3302b
code.wireshark Code Review - wireshark.git/commitIssue Tracking;Patch;Vendor Advisory
Jump to