CVE-2017-6471
See a problem?- Source
- https://nvd.nist.gov/vuln/detail/CVE-2017-6471
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-6471.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-6471
- Related
- Published
- 2017-03-04T03:59:00Z
- Modified
- 2024-09-18T02:54:06.935971Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a WSP infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by validating the capability length.
- References
-
- http://www.debian.org/security/2017/dsa-3811
- http://www.securityfocus.com/bid/96564
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13348
- https://www.wireshark.org/security/wnpa-sec-2017-05.html
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=62afef41277dfac37f515207ca73d33306e3302b
- https://security.alpinelinux.org/vuln/CVE-2017-6471
- https://security-tracker.debian.org/tracker/CVE-2017-6471
Affected packages
Alpine:v3.5 / wireshark
Package
- Name
- wireshark
- Purl
- pkg:apk/alpine/wireshark?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.2.5-r0
Affected versions
1.*
1.2.1-r0
1.2.2-r0
1.2.4-r0
1.2.6-r0
1.2.6-r1
1.2.6-r2
1.2.8-r0
1.2.9-r0
1.2.10-r0
1.4.0-r0
1.4.1-r0
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.4.5-r0
1.4.6-r0
1.4.7-r0
1.6.0-r0
1.6.0-r1
1.6.1-r0
1.6.2-r0
1.6.3-r0
1.6.4-r0
1.6.5-r0
1.6.6-r0
1.6.6-r1
1.6.8-r0
1.6.8-r1
1.8.1-r0
1.8.2-r0
1.8.3-r0
1.8.4-r0
1.8.5-r0
1.8.6-r0
1.8.7-r0
1.10.0-r0
1.10.1-r0
1.10.2-r0
1.10.2-r1
1.10.3-r0
1.10.3-r1
1.10.4-r0
1.10.5-r0
1.10.5-r1
1.10.6-r0
1.10.7-r0
1.10.8-r0
1.12.0-r0
1.12.0-r1
1.12.1-r0
1.12.1-r1
1.12.2-r0
1.12.3-r0
1.12.4-r0
1.12.4-r1
1.12.5-r0
1.12.7-r0
1.12.8-r0
2.*
2.0.0-r0
2.0.1-r0
2.0.2-r0
2.0.3-r0
2.0.4-r0
2.0.5-r0
2.2.0-r0
2.2.0-r1
2.2.2-r0
2.2.3-r0
2.2.4-r0
2.2.4-r1
Debian:11 / wireshark
Package
- Name
- wireshark
- Purl
- pkg:deb/debian/wireshark?arch=source
Debian:12 / wireshark
Package
- Name
- wireshark
- Purl
- pkg:deb/debian/wireshark?arch=source
Debian:13 / wireshark
Package
- Name
- wireshark
- Purl
- pkg:deb/debian/wireshark?arch=source
Git / github.com/wireshark/wireshark
Affected ranges
- Type
- GIT
- Repo
- https://github.com/wireshark/wireshark
- Events
-
IntroducedLast affectedIntroducedLast affected
Affected versions
2.*
2.2.1rc0
v2.*
v2.0.0
v2.0.1
v2.0.10
v2.0.10rc0
v2.0.1rc0
v2.0.2
v2.0.2rc0
v2.0.3
v2.0.3rc0
v2.0.4
v2.0.4rc0
v2.0.5
v2.0.5rc0
v2.0.6
v2.0.6rc0
v2.0.7
v2.0.7rc0
v2.0.8
v2.0.8rc0
v2.0.9
v2.0.9rc0
v2.2.0
v2.2.1
v2.2.1rc0
v2.2.2
v2.2.2rc0
v2.2.3
v2.2.3rc0
v2.2.4
v2.2.4rc0
wireshark-2.*
wireshark-2.0.0
wireshark-2.0.1
wireshark-2.0.10
wireshark-2.0.2
wireshark-2.0.3
wireshark-2.0.4
wireshark-2.0.5
wireshark-2.0.6
wireshark-2.0.7
wireshark-2.0.8
wireshark-2.0.9
wireshark-2.2.0
wireshark-2.2.1
wireshark-2.2.2
wireshark-2.2.3
wireshark-2.2.4