First published: Fri May 26 2023(Updated: )
NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Credit: cve@gitlab.com cve@gitlab.com
Affected Software | Affected Version | How to fix |
---|---|---|
Wireshark Wireshark | >=3.6.0<3.6.14 | |
Wireshark Wireshark | >=4.0.0<4.0.6 | |
Debian Debian Linux | =10.0 | |
Debian Debian Linux | =12.0 | |
debian/wireshark | <=2.6.20-0+deb10u4<=3.4.10-0+deb11u1 | 2.6.20-0+deb10u7 4.0.6-1~deb12u1 4.0.10-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-2858 is a vulnerability in Wireshark versions 3.6.0 to 3.6.13 and 4.0.0 to 4.0.5 that allows denial of service through a crafted capture file.
CVE-2023-2858 affects Wireshark versions 3.6.0 to 3.6.13 and 4.0.0 to 4.0.5, leading to a denial-of-service condition.
CVE-2023-2858 has a severity rating of medium, with a CVSS score of 6.5.
To fix CVE-2023-2858, update Wireshark to version 3.6.14 or later for versions 3.6.x, and version 4.0.6 or later for versions 4.0.x.
More information about CVE-2023-2858 can be found on the Wireshark website and the related GitLab issues.