| Revision Date: | 2014-02-24 | Version: | 3 |
| Title: | Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service (application crash) via a long domain name in a packet. |
| Description: | Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service (application crash) via a long domain name in a packet. |
| Family: | windows | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2013-7114
|
| Platform(s): | Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows XP
| Product(s): | Wireshark
|
| Definition Synopsis |
| Wireshark is installed on the system. AND Version of Wireshark is 1.8.x before 1.8.12 or 1.10.x before 1.10.4
Version of Wireshark is 1.8.x before 1.8.12
Wireshark version is greater than or equal to 1.8.0
AND Wireshark version is less than 1.8.12
OR Version of Wireshark is 1.10.x before 1.10.4
Wireshark version is greater than or equal to 1.10.0
AND Wireshark version is less than 1.10.4
|