You are here

V-037: Wireshark Multiple Bugs Let Remote Users Deny Service

November 30, 2012 - 3:30am

Addthis

PROBLEM:

Wireshark Multiple Bugs Let Remote Users Deny Service

PLATFORM:

Version(s): prior to 1.6.12, 1.8.4

ABSTRACT:

Several vulnerabilities were reported in Wireshark.

REFERENCE LINKS:

Wireshark Security Advisories
Secunia Advisory SA51422
Seclists
SecurityTracker Alert ID:  1027822
CVE-2012-5592
CVE-2012-5593
CVE-2012-5594
CVE-2012-5595
CVE-2012-5596
CVE-2012-5597
CVE-2012-5598
CVE-2012-5599
CVE-2012-5600
CVE-2012-5601
CVE-2012-5602

IMPACT ASSESSMENT:

Medium

DISCUSSION:

Several vulnerabilities were reported in Wireshark. A remote user can cause denial of service conditions. A user can obtain potentially sensitive information.

A remote user can send specially crafted data to cause Wireshark to enter an infinite loop.

The USB dissector is affected [CVE-2012-5593].

The sFlow dissector is affected [CVE-2012-5594].

The SCTP dissector is affected [CVE-2012-5595].

The EIGRP dissector is affected [CVE-2012-5596].

The iSCSI dissector is affected [CVE-2012-5598].

The WTP dissector is affected [CVE-2012-5599].

The RTCP dissector is affected [CVE-2012-5600].

The 3GPP2 A11 dissector is affected [CVE-2012-5601].

The ICMPv6 dissector is affected [CVE-2012-5602].

A remote user can send specially crafted data to cause the ISAKMP dissector to crash [CVE-2012-5597].

A user can obtain potentially sensitive host name resolution information when working with multiple pcap-ng files [CVE-2012-5592].

IMPACT:

A remote user can cause denial of service conditions.

A user can obtain potentially sensitive information.

SOLUTION:

Upgrade Wireshark to 1.6.12, 1.8.4.

Addthis