Infinite loop in Debian Linux

#VU33532 Infinite loop in Debian Linux

Cybersecurity Help s.r.o.

Published: 2017-04-13 | Updated: 2020-08-04

Vulnerability identifier: #VU33532

Vulnerability risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-7700

CWE-ID: CWE-835

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Debian Linux
Operating systems & Components / Operating system

Vendor: Debian

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Debian Linux: 8.0

External links
http://www.securityfocus.com/bid/97631
http://www.securitytracker.com/id/1038262
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13478
http://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8fc0af859de4993951a915ad735be350221f3f53
http://lists.debian.org/debian-lts-announce/2019/01/msg00010.html
http://security.gentoo.org/glsa/201706-12
http://www.wireshark.org/security/wnpa-sec-2017-14.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Gentoo update for Wireshark

Infinite loop in wireshark (Alpine package)

Infinite loop in Debian Linux