CVE-2017-7746
EUVD-2017-1672112.04.2017, 23:59
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| wireshark | wireshark | 2.0.0 |
| wireshark | wireshark | 2.0.1 |
| wireshark | wireshark | 2.0.2 |
| wireshark | wireshark | 2.0.3 |
| wireshark | wireshark | 2.0.4 |
| wireshark | wireshark | 2.0.5 |
| wireshark | wireshark | 2.0.6 |
| wireshark | wireshark | 2.0.7 |
| wireshark | wireshark | 2.0.8 |
| wireshark | wireshark | 2.0.9 |
| wireshark | wireshark | 2.0.10 |
| wireshark | wireshark | 2.0.11 |
| wireshark | wireshark | 2.2.0 |
| wireshark | wireshark | 2.2.1 |
| wireshark | wireshark | 2.2.2 |
| wireshark | wireshark | 2.2.3 |
| wireshark | wireshark | 2.2.4 |
| wireshark | wireshark | 2.2.5 |
| debian | debian_linux | 8.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| wireshark |
|
Common Weakness Enumeration
References