wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
{ "vanir_signatures": [ { "id": "CVE-2016-5357-00835cc5", "digest": { "length": 788.0, "function_hash": "98239000270995448767473181886240178573" }, "signature_version": "v1", "deprecated": false, "target": { "file": "wiretap/netscreen.c", "function": "netscreen_read" }, "signature_type": "Function", "source": "https://github.com/wireshark/wireshark/commit/6a140eca7b78b230f1f90a739a32257476513c78" }, { "id": "CVE-2016-5357-38a1d6cc", "digest": { "length": 1544.0, "function_hash": "310492478336291658440438047225850288891" }, "signature_version": "v1", "deprecated": false, "target": { "file": "wiretap/netscreen.c", "function": "parse_netscreen_hex_dump" }, "signature_type": "Function", "source": "https://github.com/wireshark/wireshark/commit/6a140eca7b78b230f1f90a739a32257476513c78" }, { "id": "CVE-2016-5357-83990c0c", "digest": { "length": 768.0, "function_hash": "234810306649360696368612009053259286587" }, "signature_version": "v1", "deprecated": false, "target": { "file": "wiretap/netscreen.c", "function": "netscreen_seek_read" }, "signature_type": "Function", "source": "https://github.com/wireshark/wireshark/commit/6a140eca7b78b230f1f90a739a32257476513c78" }, { "id": "CVE-2016-5357-9a86d003", "digest": { "threshold": 0.9, "line_hashes": [ "109475646978613999986127213607198642255", "31250380566604121006023533031274933807", "128186068565790674656003218156289851476", "184467115614294525121351481207623274728", "226320035520535408245528099391062491307", "137947243736615525726454514308735408782", "332344770437889434274473929757632277831", "139654004497125251504953015321724793407", "125200190841223299577388640139496519386", "283708670620639808617747627923471401057", "228251962372517566534841166870765356299", "315759100949583105975081430943034359561", "10046933023875093934650077765511237755", "112844300964706764556975919808167960375", "50768720689229473459579299650298286369", "10792207804164676233823492954455920172", "90521540886282356483254764106717180036", "97711214562874904283510055494897710692", "22182251046381454853903247751150562378", "38943378600046075296652564523451838730", "61506652746081863796704139677512019631", "312610214331752530546693335488820930154", "170175544118682052050390816087325591647", "207194964982115395535313158946756247080", "13647484865104971108870563627455869576", "307766772128077608125506668669048175057", "235046698484296628044260998947668262918", "53708909563104960111221861400099898300", "167332118977410523050450623396657070232", "10046933023875093934650077765511237755", "112844300964706764556975919808167960375", "164213728885918997765123004541710993518", "250313011244564001884300762445190565244", "82464802188891902898462280829748842062", "228840652260579822937008072346897301682", "79787929106734837492628296664948077450", "312694673570479441064569441049412183797", "289659649557585729479521028421730737707", "289449505711191402122366991914701939017", "306709811458662945414099747632256862846", "294546088051136211404083440411801887350", "312605284310560461110318528838486924570", "142106576275545966262484301029372038045", "212381695052438160820547775878783658703", "197911476188472350181712079070704543650", "29016802612924596716274197577645654798", "199008813213517817483996695371522819201", "277254033387466141670527795030520355592", "243502880721624289672561981080968335980", "35965257033616782937359629898183719450", "14346972361329608056566745214057074684", "289890677437462536923936308586063848016", "99666373310571738195855058849330475237", "230859420400312803066578391580323969585", "324527876364316285220191673228545001177", "301878905189817756058615002378638632141", "214765399204310005320456716340136437856", "222335742138378612226682727400375132370", "218698307628847458790863771005318429445", "172579053750884770117787724915851063981", "36772077030893572830806947336995140904", "227280925992583994919404844063869811194", "49866558023275319895795719144692070467", "187997894282389544965458939105251302948", "38240843669630782258970647425875920915", "13806843815478590139944087350226712559", "188301810577913565160991406845097654428", "208700558165247480300913208029981043225", "170756894144510658077833488756654233803", "50739313137086661958370718542164688521", "175968835641059310330191981889026052719", "34737157420580369537594918406172212411", "208500226995836840410863570763815034803", "290406268255681460191706657126768228029", "243113330824981993778347704263166889979", "29817125151724185619797771661082022646", "340214324164455355655187627561608861517", "194549503693958020006573565778087588681", "196278896440396998061009722430404166563", "92312408734595828371340804090576208361", "274129395972988686365691901341674471812", "51413913904960638268639352831260293292", "159378292472965878101319925362921947710", "21047736565076430821581996937289980756", "23398699936719563656945659948653878845", "101947065059202720645984880112419463170", "107372472086380005734627344136484125167" ] }, "signature_version": "v1", "deprecated": false, "target": { "file": "wiretap/netscreen.c" }, "signature_type": "Line", "source": "https://github.com/wireshark/wireshark/commit/6a140eca7b78b230f1f90a739a32257476513c78" }, { "id": "CVE-2016-5357-c1ce2a63", "digest": { "length": 734.0, "function_hash": "66077551193982782672056802698583344450" }, "signature_version": "v1", "deprecated": false, "target": { "file": "wiretap/netscreen.c", "function": "parse_netscreen_rec_hdr" }, "signature_type": "Function", "source": "https://github.com/wireshark/wireshark/commit/6a140eca7b78b230f1f90a739a32257476513c78" } ] }