SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Wireshark Vendors:   Wireshark.org
Wireshark Multiple Bugs Let Remote Users Deny Service and Execute Arbitrary Code
SecurityTracker Alert ID:  1027404
SecurityTracker URL:  http://securitytracker.com/id/1027404
CVE Reference:   CVE-2012-4285, CVE-2012-4286, CVE-2012-4287, CVE-2012-4288, CVE-2012-4289, CVE-2012-4290, CVE-2012-4291, CVE-2012-4292, CVE-2012-4293, CVE-2012-4294, CVE-2012-4295, CVE-2012-4296, CVE-2012-4297, CVE-2012-4298   (Links to External Site)
Date:  Aug 15 2012
Impact:   Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to versions 1.4.15, 1.6.10, 1.8.2
Description:   Multiple vulnerability were reported in Wireshark. A remote user can execute arbitrary code on the target system. A remote user can cause denial of service conditions.

A remote user can trigger a divide by zero error in the DCP ETSI dissector [CVE-2012-4285]. Laurent Butti reported this vulnerability.

A remote user can trigger a divide by zero error in the pcap-ng file parser [CVE-2012-4286]. Versions 1.8.0 to 1.8.1 are affected.

A remote user can cause the MongoDB dissector to consume excessive CPU resources on the target system [CVE-2012-4287]. Versions 1.8.0 to 1.8.1 are affected. Ben Schmidt reported this vulnerability.

A remote user can cause the XTP dissector to enter an infinite loop [CVE-2012-4288]. Ben Schmidt reported this vulnerability.

A remote user can cause the AFP dissector to consume excessive CPU resources on the target system [CVE-2012-4289]. Stefan Cornelius reported this vulnerability.

A remote user can cause the CTDB dissector to consume excessive CPU resources on the target system [CVE-2012-4290]. Ben Schmidt reported this vulnerability.

A remote user can cause the CIP dissector to consume all available system memory [CVE-2012-4291]. Ben Schmidt reported this vulnerability.

A remote user can cause the STUN dissector to crash [CVE-2012-4292]. Laurent Butti reported this vulnerability.

A remote user can cause the EtherCAT Mailbox dissector to abort [CVE-2012-4293]. Laurent Butti reported this vulnerability.

A remote user can trigger a buffer overflow in the ERF dissector to execute arbitrary code on the target system [CVE-2012-4294, CVE-2012-4295]. Versions 1.8.0 to 1.8.1 are affected. Laurent Butti reported this vulnerability.

A remote user can trigger a buffer overflow in the RTPS2 dissector to execute arbitrary code on the target system [CVE-2012-4296]. Laurent Butti reported this vulnerability.

A remote user can trigger a buffer overflow in the GSM RLC MAC dissector to execute arbitrary code on the target system [CVE-2012-4297]. Versions 1.6.0 to 1.6.9 and 1.8.0 to 1.8.1 are affected. Laurent Butti reported this vulnerability.

A remote user can trigger a buffer overflow in the Ixia IxVeriWave file parser to execute arbitrary code on the target system [CVE-2012-4298]. Versions 1.8.0 to 1.8.1 are affected.

Impact:   A remote user can execute arbitrary code on the target system.

A remote user can the target dissector to crash, consume excessive CPU resources, or consume all available system memory.

Solution:   The vendor has issued a fix (1.4.15, 1.6.10, 1.8.2).

The vendor's advisories are available at:


http://www.wireshark.org/security/wnpa-sec-2012-14.html
http://www.wireshark.org/security/wnpa-sec-2012-15.html
http://www.wireshark.org/security/wnpa-sec-2012-16.html
http://www.wireshark.org/security/wnpa-sec-2012-17.html
http://www.wireshark.org/security/wnpa-sec-2012-18.html
http://www.wireshark.org/security/wnpa-sec-2012-19.html
http://www.wireshark.org/security/wnpa-sec-2012-20.html
http://www.wireshark.org/security/wnpa-sec-2012-21.html
http://www.wireshark.org/security/wnpa-sec-2012-22.html
http://www.wireshark.org/security/wnpa-sec-2012-23.html
http://www.wireshark.org/security/wnpa-sec-2012-24.html
http://www.wireshark.org/security/wnpa-sec-2012-25.html

Vendor URL:  www.wireshark.org/security/wnpa-sec-2012-14.html (Links to External Site)
Cause:   Boundary error, Resource error, State error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Nov 22 2012 (Oracle Issues Fix for Solaris) Wireshark Multiple Bugs Let Remote Users Deny Service and Execute Arbitrary Code
Oracle has issued a fix for Solaris 11.
Nov 21 2013 (Red Hat Issues Fix) Wireshark Multiple Bugs Let Remote Users Deny Service and Execute Arbitrary Code
Red Hat has issued a fix for Red Hat Enterprise Linux 6.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC