FKIE_CVE-2014-4020

Vulnerability from fkie_nvd - Published: 2014-06-18 16:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
The dissect_frame function in epan/dissectors/packet-frame.c in the frame metadissector in Wireshark 1.10.x before 1.10.8 interprets a negative integer as a length value even though it was intended to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
References
cve@mitre.orghttp://lists.opensuse.org/opensuse-updates/2014-06/msg00049.html
cve@mitre.orghttp://www.wireshark.org/security/wnpa-sec-2014-07.htmlVendor Advisory
cve@mitre.orghttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10030Exploit
cve@mitre.orghttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9999Exploit
cve@mitre.orghttps://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=beb119f911a698d44f4baa06d888bb1e775983bc
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-06/msg00049.html
af854a3a-2127-422b-91ae-364da2661108http://www.wireshark.org/security/wnpa-sec-2014-07.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10030Exploit
af854a3a-2127-422b-91ae-364da2661108https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9999Exploit
af854a3a-2127-422b-91ae-364da2661108https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=beb119f911a698d44f4baa06d888bb1e775983bc
Impacted products
Vendor Product Version
wireshark wireshark 1.10.0
wireshark wireshark 1.10.1
wireshark wireshark 1.10.2
wireshark wireshark 1.10.3
wireshark wireshark 1.10.4
wireshark wireshark 1.10.5
wireshark wireshark 1.10.6
wireshark wireshark 1.10.7
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:wireshark:wireshark:1.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "481435A6-4790-4B3E-8EEA-0394A6AB481A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wireshark:wireshark:1.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B0BB28A-9E61-4073-9BE2-C34AB2BCF1EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wireshark:wireshark:1.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0753BF56-C829-48C3-AA6E-C0A2A1EA1124",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wireshark:wireshark:1.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC206A02-8259-4FA0-8B6F-D8C58AB946C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wireshark:wireshark:1.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B973D7E1-523B-4AB9-965F-F8BBD2420CFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wireshark:wireshark:1.10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "633AE75A-89BB-458D-9609-2C238DAC25C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wireshark:wireshark:1.10.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "20A8D578-A2DD-4D08-81C1-E4437F40D21D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wireshark:wireshark:1.10.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0BBB2FB-A3D3-4D9F-88CB-F3D74395D364",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The dissect_frame function in epan/dissectors/packet-frame.c in the frame metadissector in Wireshark 1.10.x before 1.10.8 interprets a negative integer as a length value even though it was intended to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n dissect_frame en epan/dissectors/packet-frame.c en el marco metadissector en Wireshark 1.10.x anterior a 1.10.8 interpreta un entero negativo como un valor de longitud aunque la intenci\u00f3n era de representar una condici\u00f3n de error, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un paquete manipulado."
    }
  ],
  "id": "CVE-2014-4020",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2014-06-18T16:55:08.233",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00049.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.wireshark.org/security/wnpa-sec-2014-07.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10030"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9999"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=beb119f911a698d44f4baa06d888bb1e775983bc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00049.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.wireshark.org/security/wnpa-sec-2014-07.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10030"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9999"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=beb119f911a698d44f4baa06d888bb1e775983bc"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.