CVE-2010-4301
published 2010-11-26CVE-2010-4301: epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite…
PriorityP431medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
9.29%
94.7th percentile
epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_debian5.0LOW
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
Wireshark: Infinite loop in Zigbee ZCL dissector
vendor_redhat·2010-11-18·CVSS 5.0
CVE-2010-4301 [MEDIUM] CWE-835 Wireshark: Infinite loop in Zigbee ZCL dissector
Wireshark: Infinite loop in Zigbee ZCL dissector
epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes.
Statement: This issue did not affect the versions of wireshark shipped with
Red Hat Enterprise Linux 4, 5, and 6, as they did not include
support for the Zigbee Cluster Library (ZCL) protocol.
Package: wireshark (Red Hat Enterprise Linux 4) - Not affected
Package: wireshark (Red Hat Enterprise Linux 5) - Not affected
Package: wireshark (Red Hat Enterprise Linux 6) - Not affected
Debian
CVE-2010-4301: wireshark - epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0...
vendor_debian·2010·CVSS 5.0
CVE-2010-4301 [MEDIUM] CVE-2010-4301: wireshark - epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0...
epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
GHSA
GHSA-wx8w-3v99-w2v8: epan/dissectors/packet-zbee-zcl
ghsa_unreviewed·2022-05-17
CVE-2010-4301 [MEDIUM] GHSA-wx8w-3v99-w2v8: epan/dissectors/packet-zbee-zcl
epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes.
No detection rules found.
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlhttp://osvdb.org/69355http://secunia.com/advisories/42290http://secunia.com/advisories/42877http://secunia.com/advisories/43068http://www.exploit-db.com/exploits/15973http://www.securityfocus.com/bid/44986http://www.vupen.com/english/advisories/2010/3038http://www.vupen.com/english/advisories/2011/0076http://www.vupen.com/english/advisories/2011/0212http://www.wireshark.org/security/wnpa-sec-2010-14.htmlhttps://bugs.wireshark.org/bugzilla/attachment.cgi?id=5315&action=edithttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5303https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14713http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlhttp://osvdb.org/69355http://secunia.com/advisories/42290http://secunia.com/advisories/42877http://secunia.com/advisories/43068http://www.exploit-db.com/exploits/15973http://www.securityfocus.com/bid/44986http://www.vupen.com/english/advisories/2010/3038http://www.vupen.com/english/advisories/2011/0076http://www.vupen.com/english/advisories/2011/0212http://www.wireshark.org/security/wnpa-sec-2010-14.htmlhttps://bugs.wireshark.org/bugzilla/attachment.cgi?id=5315&action=edithttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5303https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14713
2010-11-26
Published