SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Wireshark Vendors:   Wireshark.org
Wireshark Bugs in Multiple Dissectors Let Remote Users Cause the Application to Crash or Consume Excessive CPU Resources
SecurityTracker Alert ID:  1040625
SecurityTracker URL:  http://securitytracker.com/id/1040625
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Apr 4 2018
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2.2.0 to 2.2.13, 2.4.0 to 2.4.5
Description:   Multiple vulnerabilities were reported in Wireshark. A remote user can consume excessive CPU resources on the target system. A remote user can cause the target application to crash.

A remote user can send specially crafted data to trigger an infinite loop in the CQL dissector and consume excessive CPU resources on the target system. Versions 2.4.0 to 2.4.5 are affected.

A remote user can send specially crafted data to cause the target application to crash.

The MP4 dissector is affected.

The ADB dissector is affected.

The IEEE 802.15.4 dissector is affected

The NBAP dissector is affected.

The VLAN dissector is affected.

The LWAPP dissector is affected.

The TCP dissector is affected. Versions 2.4.0 to 2.4.5 are affected.

The Kerberos dissector is affected.

A remote user can send specially crafted data to trigger a memory leak and cause the target application to crash. The TN3270, ISUP, LAPD, SMB2, GIOP, ASN.1, MIME multipart, H.223, and PCP dissectors are affected.

Otto Airamo and Antti Levomaki of Forcepoint and liuyinsheng reported these vulnerabilities.

Impact:   A remote user can consume excessive CPU resources on the target system.

A remote user can cause the target application to crash.

Solution:   The vendor has issued a fix (2.2.14, 2.4.6).

The vendor advisories are available at:

https://www.wireshark.org/security/wnpa-sec-2018-15.html
https://www.wireshark.org/security/wnpa-sec-2018-16.html
https://www.wireshark.org/security/wnpa-sec-2018-17.html
https://www.wireshark.org/security/wnpa-sec-2018-18.html
https://www.wireshark.org/security/wnpa-sec-2018-19.html
https://www.wireshark.org/security/wnpa-sec-2018-20.html
https://www.wireshark.org/security/wnpa-sec-2018-21.html
https://www.wireshark.org/security/wnpa-sec-2018-22.html
https://www.wireshark.org/security/wnpa-sec-2018-23.html
https://www.wireshark.org/security/wnpa-sec-2018-24.html

Vendor URL:  www.wireshark.org/security/wnpa-sec-2018-15.html (Links to External Site)
Cause:   Access control error, State error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC