CVE-2016-5357

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2016-5357
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-5357.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-5357
Downstream
Related
Published
2016-08-07T16:59:12Z
Modified
2025-10-23T13:56:36.556129Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.

References

Affected packages

Git / github.com/wireshark/wireshark

Affected ranges

Type
GIT
Repo
https://github.com/wireshark/wireshark
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
11edc83b98a61e890d7bb01855389d40e984ea82
Fixed
6a140eca7b78b230f1f90a739a32257476513c78

Affected versions

Other

backups/ethereal@18706
ethereal-0-3-15
start

ethereal-0.*

ethereal-0.3.15

v1.*

v1.11.0
v1.11.0-rc1
v1.11.1
v1.11.1-rc1
v1.11.2
v1.11.2-rc1
v1.11.3
v1.11.3-rc1
v1.11.4-rc1
v1.99.0
v1.99.0-rc1
v1.99.1
v1.99.10rc0
v1.99.1rc0
v1.99.2
v1.99.2rc0
v1.99.3
v1.99.3rc0
v1.99.4
v1.99.4rc0
v1.99.5
v1.99.5rc0
v1.99.6
v1.99.6rc0
v1.99.7
v1.99.7rc0
v1.99.8
v1.99.8rc0
v1.99.9
v1.99.9rc0

v2.*

v2.1.0rc0

wireshark-1.*

wireshark-1.11.3
wireshark-1.99.0
wireshark-1.99.1
wireshark-1.99.2
wireshark-1.99.3
wireshark-1.99.4
wireshark-1.99.5
wireshark-1.99.6
wireshark-1.99.7
wireshark-1.99.8
wireshark-1.99.9

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "function_hash": "98239000270995448767473181886240178573",
            "length": 788.0
        },
        "id": "CVE-2016-5357-00835cc5",
        "source": "https://github.com/wireshark/wireshark/commit/6a140eca7b78b230f1f90a739a32257476513c78",
        "target": {
            "function": "netscreen_read",
            "file": "wiretap/netscreen.c"
        }
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "function_hash": "310492478336291658440438047225850288891",
            "length": 1544.0
        },
        "id": "CVE-2016-5357-38a1d6cc",
        "source": "https://github.com/wireshark/wireshark/commit/6a140eca7b78b230f1f90a739a32257476513c78",
        "target": {
            "function": "parse_netscreen_hex_dump",
            "file": "wiretap/netscreen.c"
        }
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "function_hash": "234810306649360696368612009053259286587",
            "length": 768.0
        },
        "id": "CVE-2016-5357-83990c0c",
        "source": "https://github.com/wireshark/wireshark/commit/6a140eca7b78b230f1f90a739a32257476513c78",
        "target": {
            "function": "netscreen_seek_read",
            "file": "wiretap/netscreen.c"
        }
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "109475646978613999986127213607198642255",
                "31250380566604121006023533031274933807",
                "128186068565790674656003218156289851476",
                "184467115614294525121351481207623274728",
                "226320035520535408245528099391062491307",
                "137947243736615525726454514308735408782",
                "332344770437889434274473929757632277831",
                "139654004497125251504953015321724793407",
                "125200190841223299577388640139496519386",
                "283708670620639808617747627923471401057",
                "228251962372517566534841166870765356299",
                "315759100949583105975081430943034359561",
                "10046933023875093934650077765511237755",
                "112844300964706764556975919808167960375",
                "50768720689229473459579299650298286369",
                "10792207804164676233823492954455920172",
                "90521540886282356483254764106717180036",
                "97711214562874904283510055494897710692",
                "22182251046381454853903247751150562378",
                "38943378600046075296652564523451838730",
                "61506652746081863796704139677512019631",
                "312610214331752530546693335488820930154",
                "170175544118682052050390816087325591647",
                "207194964982115395535313158946756247080",
                "13647484865104971108870563627455869576",
                "307766772128077608125506668669048175057",
                "235046698484296628044260998947668262918",
                "53708909563104960111221861400099898300",
                "167332118977410523050450623396657070232",
                "10046933023875093934650077765511237755",
                "112844300964706764556975919808167960375",
                "164213728885918997765123004541710993518",
                "250313011244564001884300762445190565244",
                "82464802188891902898462280829748842062",
                "228840652260579822937008072346897301682",
                "79787929106734837492628296664948077450",
                "312694673570479441064569441049412183797",
                "289659649557585729479521028421730737707",
                "289449505711191402122366991914701939017",
                "306709811458662945414099747632256862846",
                "294546088051136211404083440411801887350",
                "312605284310560461110318528838486924570",
                "142106576275545966262484301029372038045",
                "212381695052438160820547775878783658703",
                "197911476188472350181712079070704543650",
                "29016802612924596716274197577645654798",
                "199008813213517817483996695371522819201",
                "277254033387466141670527795030520355592",
                "243502880721624289672561981080968335980",
                "35965257033616782937359629898183719450",
                "14346972361329608056566745214057074684",
                "289890677437462536923936308586063848016",
                "99666373310571738195855058849330475237",
                "230859420400312803066578391580323969585",
                "324527876364316285220191673228545001177",
                "301878905189817756058615002378638632141",
                "214765399204310005320456716340136437856",
                "222335742138378612226682727400375132370",
                "218698307628847458790863771005318429445",
                "172579053750884770117787724915851063981",
                "36772077030893572830806947336995140904",
                "227280925992583994919404844063869811194",
                "49866558023275319895795719144692070467",
                "187997894282389544965458939105251302948",
                "38240843669630782258970647425875920915",
                "13806843815478590139944087350226712559",
                "188301810577913565160991406845097654428",
                "208700558165247480300913208029981043225",
                "170756894144510658077833488756654233803",
                "50739313137086661958370718542164688521",
                "175968835641059310330191981889026052719",
                "34737157420580369537594918406172212411",
                "208500226995836840410863570763815034803",
                "290406268255681460191706657126768228029",
                "243113330824981993778347704263166889979",
                "29817125151724185619797771661082022646",
                "340214324164455355655187627561608861517",
                "194549503693958020006573565778087588681",
                "196278896440396998061009722430404166563",
                "92312408734595828371340804090576208361",
                "274129395972988686365691901341674471812",
                "51413913904960638268639352831260293292",
                "159378292472965878101319925362921947710",
                "21047736565076430821581996937289980756",
                "23398699936719563656945659948653878845",
                "101947065059202720645984880112419463170",
                "107372472086380005734627344136484125167"
            ]
        },
        "id": "CVE-2016-5357-9a86d003",
        "source": "https://github.com/wireshark/wireshark/commit/6a140eca7b78b230f1f90a739a32257476513c78",
        "target": {
            "file": "wiretap/netscreen.c"
        }
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "function_hash": "66077551193982782672056802698583344450",
            "length": 734.0
        },
        "id": "CVE-2016-5357-c1ce2a63",
        "source": "https://github.com/wireshark/wireshark/commit/6a140eca7b78b230f1f90a739a32257476513c78",
        "target": {
            "function": "parse_netscreen_rec_hdr",
            "file": "wiretap/netscreen.c"
        }
    }
]

Git / gitlab.com/wireshark/wireshark

Affected ranges

Type
GIT
Repo
https://gitlab.com/wireshark/wireshark
Events
Introduced
0 Unknown introduced commit / All previous commits are affected