First published: Tue Jan 24 2023(Updated: )
iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file
Credit: cve@gitlab.com
Affected Software | Affected Version | How to fix |
---|---|---|
Wireshark Wireshark | >=3.6.0<=3.6.10 | |
Wireshark Wireshark | >=4.0.0<=4.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this iSCSI dissector crash is CVE-2023-0415.
This vulnerability exists in Wireshark versions 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10.
This vulnerability allows denial of service via packet injection or crafted capture file.
This vulnerability can be exploited by injecting malicious packets or using a crafted capture file.
Yes, fixes for this vulnerability are available. Please refer to the references for more information.