SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


Try our Premium Alert Service
 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service





Category:   Application (Generic)  >   Wireshark Vendors:   Wireshark.org
Wireshark Multiple Dissector/Parser Bugs Let Remote Users Deny Service and Let Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1035118
SecurityTracker URL:  http://securitytracker.com/id/1035118
CVE Reference:   CVE-2016-2521, CVE-2016-2522, CVE-2016-2523, CVE-2016-2524, CVE-2016-2525, CVE-2016-2526, CVE-2016-2527, CVE-2016-2528, CVE-2016-2529, CVE-2016-2530, CVE-2016-2531, CVE-2016-2532, CVE-2016-4415, CVE-2016-4416, CVE-2016-4417, CVE-2016-4418, CVE-2016-4419, CVE-2016-4420, CVE-2016-4421   (Links to External Site)
Updated:  May 3 2016
Original Entry Date:  Feb 27 2016
Impact:   Denial of service via network, User access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
Description:   Multiple vulnerabilities were reported in Wireshark. A remote user can consume excessive CPU resources on the target system. A remote user can cause the target application to crash. A local user can obtain elevated privileges on the target system.

A local user can locate a specially crafted DLL file in the same directory as a capture file. When the target user loads the capture file via Wireshark, the Wireshark application will execute arbitrary code with the privileges of the user running Wireshark [CVE-2016-2521].

A remote user can cause the target dissector to enter a large or infinite loop and consume excessive CPU resources on the target system.

The DNP3 dissector is affected [CVE-2016-2523].

The SPICE dissector is affected [CVE-2016-4419]. Versions 2.0.x are affected.

A remote user can cause the target dissector or parser to crash.

The ASN.1 BER dissector is affected [CVE-2016-2522, CVE-2016-4418, CVE-2016-4421]. Versions 2.0.x are affected by CVE-2016-2522.

The X.509AF dissector is affected [CVE-2016-2524]. Versions 2.0.x are affected.

The HTTP/2 dissector is affected [CVE-2016-2525]. Versions 2.0.x are affected.

The HiQnet dissector is affected [CVE-2016-2526]. Versions 2.0.x are affected.

The 3GPP TS 32.423 Trace file parser is affected [CVE-2016-2527]. Versions 2.0.x are affected.

The LBMC dissector is affected [CVE-2016-2528]. Versions 2.0.x are affected.

The iSeries file parser is affected [CVE-2016-2529]. Versions 2.0.x are affected.

The RSL dissector is affected [CVE-2016-2530, CVE-2016-2531].

The LLRP dissector is affected [CVE-2016-2532].

The Ixia IxVeriWave file parser is affected [CVE-2016-4415]. Versions 2.0.x are affected.

The 802.11 dissector crash is affected [CVE-2016-4416]. Versions 2.0.x are affected.

The GSM A-bis OML dissector is affected [CVE-2016-4417].

The NFS dissector is affected [CVE-2016-4420]. Versions 2.0.x are affected.

Mateusz Jurczyk reported multiple vulnerabilities. Noam Mazor reported one vulnerability. Behzad Najjarpour Jabbari, Secunia Research at Flexera Software, reported one vulnerability.

Impact:   A remote user can consume excessive CPU resources on the target system.

A remote user can cause the target application to crash.

A local user can obtain elevated privileges on the target system.

Solution:   The vendor has issued a fix (1.12.10, 2.0.2).

The vendor's advisories are available at:

https://www.wireshark.org/security/wnpa-sec-2016-01.html
https://www.wireshark.org/security/wnpa-sec-2016-02.html
https://www.wireshark.org/security/wnpa-sec-2016-03.html
https://www.wireshark.org/security/wnpa-sec-2016-04.html
https://www.wireshark.org/security/wnpa-sec-2016-05.html
https://www.wireshark.org/security/wnpa-sec-2016-06.html
https://www.wireshark.org/security/wnpa-sec-2016-07.html
https://www.wireshark.org/security/wnpa-sec-2016-08.html
https://www.wireshark.org/security/wnpa-sec-2016-09.html
https://www.wireshark.org/security/wnpa-sec-2016-10.html
https://www.wireshark.org/security/wnpa-sec-2016-11.html
https://www.wireshark.org/security/wnpa-sec-2016-12.html
https://www.wireshark.org/security/wnpa-sec-2016-13.html
https://www.wireshark.org/security/wnpa-sec-2016-14.html
https://www.wireshark.org/security/wnpa-sec-2016-15.html
https://www.wireshark.org/security/wnpa-sec-2016-16.html
https://www.wireshark.org/security/wnpa-sec-2016-17.html
https://www.wireshark.org/security/wnpa-sec-2016-18.html

Vendor URL:  www.wireshark.org/security/wnpa-sec-2016-01.html (Links to External Site)
Cause:   Access control error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2018, SecurityGlobal.net LLC