CVE-2012-1593
published 2012-04-11CVE-2012-1593: epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of…
PriorityP420low3.3CVSS 2.0
AVAACLAuNCNINAP
EXPLOIT
EPSS
11.29%
95.4th percentile
epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | wireshark | < wireshark 1.6.6-1 (bookworm) | wireshark 1.6.6-1 (bookworm) |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | >= 0 < 1.6.6-1 | 1.6.6-1 |
| wireshark | wireshark | >= 0 < 1.6.6-1 | 1.6.6-1 |
| wireshark | wireshark | >= 0 < 1.6.6-1 | 1.6.6-1 |
| wireshark | wireshark | >= 0 < 1.6.6-1 | 1.6.6-1 |
CVSS provenance
nvdv2.03.3LOWAV:A/AC:L/Au:N/C:N/I:N/A:P
osv3.3LOW
vendor_debian3.3LOW
vendor_redhat3.3LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
wireshark: NULL pointer dereference in ANSI A dissector
vendor_redhat·2012-02-10·CVSS 3.3
CVE-2012-1593 [LOW] CWE-476 wireshark: NULL pointer dereference in ANSI A dissector
wireshark: NULL pointer dereference in ANSI A dissector
epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet.
Statement: Not Vulnerable. This issue does not affect the version of wireshark as shipped
with Red Hat Enterprise Linux 5 and 6.
Package: wireshark (Red Hat Enterprise Linux 5) - Not affected
Package: wireshark (Red Hat Enterprise Linux 6) - Not affected
Debian
CVE-2012-1593: wireshark - epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x befor...
vendor_debian·2012·CVSS 3.3
CVE-2012-1593 [LOW] CVE-2012-1593: wireshark - epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x befor...
epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet.
Scope: local
bookworm: resolved (fixed in 1.6.6-1)
bullseye: resolved (fixed in 1.6.6-1)
forky: resolved (fixed in 1.6.6-1)
sid: resolved (fixed in 1.6.6-1)
trixie: resolved (fixed in 1.6.6-1)
GHSA
GHSA-7g8h-gv59-45hj: epan/dissectors/packet-ansi_a
ghsa_unreviewed·2022-05-14
CVE-2012-1593 [LOW] GHSA-7g8h-gv59-45hj: epan/dissectors/packet-ansi_a
epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet.
OSV
CVE-2012-1593: epan/dissectors/packet-ansi_a
osv·2012-04-11·CVSS 3.3
CVE-2012-1593 [LOW] CVE-2012-1593: epan/dissectors/packet-ansi_a
epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet.
No detection rules found.
Exploit-DB
SAP NetWeaver Message Server - Multiple Vulnerabilities
exploitdb·2013-02-17·CVSS 9.8
CVE-2013-1592 [CRITICAL] SAP NetWeaver Message Server - Multiple Vulnerabilities
SAP NetWeaver Message Server - Multiple Vulnerabilities
---
1. *Advisory Information*
Title: SAP Netweaver Message Server Multiple Vulnerabilities
Advisory ID: CORE-2012-1128
Advisory URL:
http://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities
Date published: 2013-02-13
Date of last update: 2013-02-13
Vendors contacted: SAP
Release mode: Coordinated release
2. *Vulnerability Information*
Class: Improper Validation of Array Index [CWE-129], Buffer overflow
[CWE-119]
Impact: Code execution, Denial of service
Remotely Exploitable: Yes
Locally Exploitable: No
CVE Name: CVE-2013-1592, CVE-2013-1593
3. *Vulnerability Description*
SAP Netweaver [1] is a technology platform for building and integrating
SAP business applications. Multiple vulnerabilities have be
Exploit-DB
Wireshark - 'call_dissector()' Null Pointer Dereference Denial of Service
exploitdb·2012-04-19
CVE-2012-1593 Wireshark - 'call_dissector()' Null Pointer Dereference Denial of Service
Wireshark - 'call_dissector()' Null Pointer Dereference Denial of Service
---
source: https://www.securityfocus.com/bid/52735/info
Wireshark is prone to a remote denial-of-service vulnerability caused by a NULL-pointer-dereference error.
An attacker can exploit this issue to crash the application, resulting in a denial-of-service condition.
The following Wireshark versions are vulnerable:
1.4.0 through 1.4.11
1.6.0 through 1.6.5
PoC: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/18758.pcap
Bugzilla
CVE-2012-1593 CVE-2012-1594 CVE-2012-1595 CVE-2012-1596 wireshark various flaws [fedora-16]
bugzilla·2012-04-02·CVSS 3.3
CVE-2012-1593 [LOW] CVE-2012-1593 CVE-2012-1594 CVE-2012-1595 CVE-2012-1596 wireshark various flaws [fedora-16]
CVE-2012-1593 CVE-2012-1594 CVE-2012-1595 CVE-2012-1596 wireshark various flaws [fedora-16]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new
Bugzilla
CVE-2012-1593 wireshark: NULL pointer dereference in ANSI A dissector
bugzilla·2012-03-28·CVSS 3.3
CVE-2012-1593 [LOW] CVE-2012-1593 wireshark: NULL pointer dereference in ANSI A dissector
CVE-2012-1593 wireshark: NULL pointer dereference in ANSI A dissector
A NULL pointer dereference flaw was found in the way ANSI A dissector of the Wireshark, a network traffic analyzer, processed certain capture files (those causing wireshark to pass NULL packet information via a global variable to the call_dissector() routine). A remote attacker could provide a specially-crafted packet capture file, which once opened by a local unsuspecting user would lead to wireshark executable crash.
Upstream bug report:
[1] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6823
Relevant upstream patch:
[2] http://anonsvn.wireshark.org/viewvc?view=revision&revision=40962
CVE Request:
[3] http://www.openwall.com/lists/oss-security/2012/03/28/7
Reproducer:
[4] http://www.wireshark.org/download/aut
http://anonsvn.wireshark.org/viewvc?view=revision&revision=40962http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078769.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2012-April/078770.htmlhttp://lists.opensuse.org/opensuse-updates/2012-04/msg00060.htmlhttp://secunia.com/advisories/48548http://secunia.com/advisories/48986http://www.exploit-db.com/exploits/18758http://www.openwall.com/lists/oss-security/2012/03/28/13http://www.securitytracker.com/id?1026874http://www.wireshark.org/security/wnpa-sec-2012-04.htmlhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6823https://exchange.xforce.ibmcloud.com/vulnerabilities/74361https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14991http://anonsvn.wireshark.org/viewvc?view=revision&revision=40962http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078769.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2012-April/078770.htmlhttp://lists.opensuse.org/opensuse-updates/2012-04/msg00060.htmlhttp://secunia.com/advisories/48548http://secunia.com/advisories/48986http://www.exploit-db.com/exploits/18758http://www.openwall.com/lists/oss-security/2012/03/28/13http://www.securitytracker.com/id?1026874http://www.wireshark.org/security/wnpa-sec-2012-04.htmlhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6823https://exchange.xforce.ibmcloud.com/vulnerabilities/74361https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14991
2012-04-11
Published