CVE-2012-6057

Medium CVSS 5.0

Overview

The dissect_eigrp_metric_comm function in epan/dissectors/packet-eigrp.c in the EIGRP dissector in Wireshark 1.8.x before 1.8.4 uses the wrong data type for a certain offset value, which allows remote attackers to cause a denial of service (integer overflow and infinite loop) via a malformed packet.

CWE: CWE-189 Published: 2012-12-05T11:57:20.070

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 5.0 (MEDIUM)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags