CVE-2015-6244
The MITRE CVE dictionary describes this issue as:
Find out more about CVE-2015-6244 from the MITRE CVE dictionary dictionary and NIST NVD.
Statement
This issue did not affect the version of wireshark as shipped with Red Hat Enterprise Linux 5. This issue affects the verison of wireshark as shipped with Red Hat Enterprise Linux 6. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 6.
CVSS v2 metrics
| Base Score | 4.3 |
|---|---|
| Base Metrics | AV:N/AC:M/Au:N/C:N/I:N/A:P |
| Access Vector | Network |
| Access Complexity | Medium |
| Authentication | None |
| Confidentiality Impact | None |
| Integrity Impact | None |
| Availability Impact | Partial |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat Security Errata
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux 7 (wireshark) | RHSA-2015:2393 | 2015-11-19 |
Affected Packages State
| Platform | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 6 | wireshark | Will not fix |
| Red Hat Enterprise Linux 5 | wireshark | Not affected |
Mitigation
This flaw can be mitigated in wireshark by disabling the ZigBee protocol dissector. In wireshark GUI application click on Analyze->Enabled Protocols and search for "ZigBee" and disable in. When using "tshark", the text interface, create a file called "disabled_protos" in the preferences folder (normally .wireshark folder in the home directory of the user running wireshark) and add "ZigBee" to it. This should disable the ZigBee protocol.
External References
CVE description copyright © 2017, The MITRE Corporation
