CVE-2018-7337

CVE-2018-7337

Name

CVE-2018-7337

Description

In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. This was addressed in plugins/docsis/packet-docsis.c by removing the recursive algorithm that had been used for concatenated PDUs.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Vendor Advisory	https://www.wireshark.org/security/wnpa-sec-2018-08.html
Patch	https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=511a8b0b546d25413e289dc5a7d3a455a33994c2
Issue Tracking	https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14446
Third Party Advisory	http://www.securityfocus.com/bid/103164
Mailing List	https://lists.debian.org/debian-lts-announce/2018/04/msg00018.html

Type

URI

Vendor Advisory

https://www.wireshark.org/security/wnpa-sec-2018-08.html

Patch

https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=511a8b0b546d25413e289dc5a7d3a455a33994c2

Issue Tracking

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14446

Third Party Advisory

http://www.securityfocus.com/bid/103164

Mailing List

https://lists.debian.org/debian-lts-announce/2018/04/msg00018.html