CVE-2012-6060

Published: Dec 5, 2012Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Integer overflow in the dissect_iscsi_pdu function in epan/dissectors/packet-iscsi.c in the iSCSI dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.

Affected (16)

Products: Wireshark: Wireshark

1 product

Configuration A

16 vulnerable

Vulnerable Software	Affected Versions
Wireshark Wireshark	Version 1.6.0
Wireshark Wireshark	Version 1.6.10
Wireshark Wireshark	Version 1.6.11
Wireshark Wireshark	Version 1.6.1
Wireshark Wireshark	Version 1.6.2
Wireshark Wireshark	Version 1.6.3
Wireshark Wireshark	Version 1.6.4
Wireshark Wireshark	Version 1.6.5
Wireshark Wireshark	Version 1.6.6
Wireshark Wireshark	Version 1.6.7
Wireshark Wireshark	Version 1.6.8
Wireshark Wireshark	Version 1.6.9
Wireshark Wireshark	Version 1.8.0
Wireshark Wireshark	Version 1.8.1
Wireshark Wireshark	Version 1.8.2
Wireshark Wireshark	Version 1.8.3

Related CWEs

References (16)

http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-iscsi.c?r1=45524&r2=45523&pathrev=45524

Source: cve@mitre.org

Exploit

http://anonsvn.wireshark.org/viewvc?view=revision&revision=45524

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-updates/2012-12/msg00022.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-updates/2013-01/msg00042.html

Source: cve@mitre.org

http://rhn.redhat.com/errata/RHSA-2014-0341.html

Source: cve@mitre.org

http://www.wireshark.org/security/wnpa-sec-2012-36.html

Source: cve@mitre.org

Vendor Advisory

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7858

Source: cve@mitre.org

Vendor Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16038

Source: cve@mitre.org

http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-iscsi.c?r1=45524&r2=45523&pathrev=45524

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://anonsvn.wireshark.org/viewvc?view=revision&revision=45524

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-updates/2012-12/msg00022.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-updates/2013-01/msg00042.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2014-0341.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.wireshark.org/security/wnpa-sec-2012-36.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7858

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16038

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.