KLA11151
Denial of service vulnerabilities in Wireshark
Updated: 12/05/2017
CVSS
?
5.0
Detect date
?
11/30/2017
Severity
?
Warning
Description

Multiple vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities remotely  to cause a denial of service via injecting a malformed packet. 


Technical details

This vulnerabilities related to next services: 

  1. NetBIOS dissector;
  2. IWARP_MPA dissector;
  3. CIP Safety dissector;

NB: This vulnerability does not have any public CVSS rating, so rating can be changed by the time.

Affected products

Wireshark versions from 2.4.0 to 2.4.2 and versions from 2.2.0 to 2.2.10
 

Solution

Update to the latest version
Get Wireshark

Original advisories

Wireshark security advisory
Wireshark security advisory
Wireshark security advisory

Impacts
?
DoS 
[?]
Related products
Wireshark
CVE-IDS
?

CVE-2017-17085
CVE-2017-17084
CVE-2017-17083