{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-0666", "assignerOrgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "state": "PUBLISHED", "assignerShortName": "AHA", "dateReserved": "2023-02-03T22:06:14.542Z", "datePublished": "2023-06-07T02:25:27.974Z", "dateUpdated": "2024-08-02T05:17:50.337Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Wireshark", "vendor": "Wireshark Foundation", "versions": [{"lessThanOrEqual": "4.0.5", "status": "affected", "version": "4.0.0", "versionType": "semver"}, {"status": "unaffected", "version": "4.0.6"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Austin Hackers Anonymous!"}, {"lang": "en", "type": "coordinator", "user": "00000000-0000-4000-9000-000000000000", "value": "Austin Hackers Anonymous!"}], "datePublic": "2023-05-22T19:04:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark."}], "value": "Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark."}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "shortName": "AHA", "dateUpdated": "2023-06-07T02:42:41.249Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://takeonme.org/cves/CVE-2023-0666.html"}, {"tags": ["issue-tracking"], "url": "https://gitlab.com/wireshark/wireshark/-/issues/19085"}, {"tags": ["release-notes"], "url": "https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html"}, {"tags": ["vendor-advisory"], "url": "https://www.wireshark.org/security/wnpa-sec-2023-18.html"}, {"url": "https://www.debian.org/security/2023/dsa-5429"}, {"url": "https://security.gentoo.org/glsa/202309-02"}], "source": {"discovery": "EXTERNAL"}, "title": "Wireshark RTPS Parsing Buffer Overflow", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:17:50.337Z"}, "title": "CVE Program Container", "references": [{"tags": ["third-party-advisory", "x_transferred"], "url": "https://takeonme.org/cves/CVE-2023-0666.html"}, {"tags": ["issue-tracking", "x_transferred"], "url": "https://gitlab.com/wireshark/wireshark/-/issues/19085"}, {"tags": ["release-notes", "x_transferred"], "url": "https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html"}, {"tags": ["vendor-advisory", "x_transferred"], "url": "https://www.wireshark.org/security/wnpa-sec-2023-18.html"}, {"url": "https://www.debian.org/security/2023/dsa-5429", "tags": ["x_transferred"]}, {"url": "https://security.gentoo.org/glsa/202309-02", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*", "matchCriteriaId": "FBA0E5F8-10A3-4294-95A8-6CB594C4DADE", "versionEndExcluding": "4.0.6", "versionStartIncluding": "4.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark."}, {"lang": "es", "value": "Debido a un fallo en la validaci\u00f3n de la longitud proporcionada por un atacante de paquetes manipulados RTPS, Wireshark v4.0.5 y anteriores, por defecto, es susceptible a un desbordamiento de b\u00fafer de pila y posiblemente la ejecuci\u00f3n de c\u00f3digo en el contexto del proceso que ejecuta Wireshark. "}], "id": "CVE-2023-0666", "lastModified": "2024-11-21T07:37:35.337", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-06-07T03:15:09.000", "references": [{"source": "cve@takeonme.org", "tags": ["Exploit", "Issue Tracking"], "url": "https://gitlab.com/wireshark/wireshark/-/issues/19085"}, {"source": "cve@takeonme.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202309-02"}, {"source": "cve@takeonme.org", "tags": ["Exploit"], "url": "https://takeonme.org/cves/CVE-2023-0666.html"}, {"source": "cve@takeonme.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2023/dsa-5429"}, {"source": "cve@takeonme.org", "tags": ["Release Notes"], "url": "https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html"}, {"source": "cve@takeonme.org", "tags": ["Vendor Advisory"], "url": "https://www.wireshark.org/security/wnpa-sec-2023-18.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking"], "url": "https://gitlab.com/wireshark/wireshark/-/issues/19085"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202309-02"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://takeonme.org/cves/CVE-2023-0666.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2023/dsa-5429"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.wireshark.org/security/wnpa-sec-2023-18.html"}], "sourceIdentifier": "cve@takeonme.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}], "source": "cve@takeonme.org", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2023:7015", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "wireshark-1:2.6.2-17.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-11-14T00:00:00Z"}, {"advisory": "RHSA-2023:6469", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "wireshark-1:3.4.10-6.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-11-07T00:00:00Z"}], "bugzilla": {"description": "wireshark: RTPS dissector crash", "id": "2210832", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210832"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-122", "details": ["Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.", "A flaw was found in the RTPS dissector of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing a buffer overflow, resulting in a denial of service."], "name": "CVE-2023-0666", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2023-05-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-0666\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-0666"], "threat_severity": "Moderate", "upstream_fix": "wireshark 4.0.6"}