[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Wed Sep 6 05:21:05 PDT 2017
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 556 Published: Tue, 05 Sep 2017 23:49:49 GMT
New Fixlets:
============
***************************************************************
Title: RPCoRDMA dissector infinite loop - CVE-2017-7705
Severity: High
Fixlet ID: 305401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3054
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7705
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset.
More information about the WinVulns-Announcements
mailing list