Kaspersky Threats

Erkennungsdatum

?

03/03/2017

Schweregrad

?

Kritisch

Beschreibung

Multiple serious vulnerabilities have been found in Wireshark 2.0.0 to 2.0.10 and 2.2.0 to 2.2.4. Malicious users can exploit these vulnerabilities possibly to cause a denial of service.

Below is a complete list of vulnerabilities:

An LDSS dissector crash can be exploited remotely via packet injection or a malformed capture file possibly to cause a denial of service;
An IAX2 infinite loop can be exploited remotely via a malformed capture file or a packet injection possibly to cause a denial of service;
A WSP infinite loop can be exploited remotely via a malformed capture file or a packet injection possibly to cause a denial of service;
An RTMPT dissector infinite loop can be exploited remotely via a malformed capture file or a packet injection possibly to cause a denial of service;
A K12 file parser crash can be exploited remotely via a malformed capture file possibly to cause a denial of service;
A NetScaler file parser infinite loop can be exploited remotely via a malformed capture file possibly to cause a denial of service;
A NetScaler file parser crash can be exploited remotely via a malformed capture file possibly to cause a denial of service.

Technical details

Vulnerability (1) was found in epan/dissectors/packet-ldss.c when checking that memory allocation is done for a certain data structure.

Vulnerability (2) was found in epan/dissectors/packet-iax2.c when making constraints to packet lateness.

Vulnerability (3) was found in epan/dissectors/packet-wsp.c when validating the capability length.

Vulnerability (4) was found in epan/dissectors/packet-rtmpt.c when accurately incrementing a certain sequence value.

Vulnerability (5) was found in wiretap/k12.c when validating the relationships between offsets and lengths.

Vulnerability (6) was found in wiretap/netscaler.c when validating record sizes and changing the file size restrictions.

Vulnerability (7) was found in wiretap/netscaler.c when validating the relationship between records and pages.

Beeinträchtigte Produkte

Wireshark 2.0.0 to 2.0.10
Wireshark 2.2.0 to 2.2.4

Lösung

Update to the latest version
Download Wireshark

Ursprüngliche Informationshinweise

wnpa-sec-2017-07
wnpa-sec-2017-09
wnpa-sec-2017-10
wnpa-sec-2017-03
wnpa-sec-2017-04
wnpa-sec-2017-05
wnpa-sec-2017-08
wnpa-sec-2017-11

Folgen

?

DoS

[?]

CVE-IDS

?

CVE-2017-64725.0Critical
CVE-2017-64735.0Critical
CVE-2017-64745.0Critical
CVE-2017-64675.0Critical
CVE-2017-64685.0Critical
CVE-2017-64695.0Critical
CVE-2017-64707.8Critical
CVE-2017-64715.0Critical

Link zum Original

Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken

Erkennungsdatum ?	03/03/2017
Schweregrad ?	Kritisch
Beschreibung	Multiple serious vulnerabilities have been found in Wireshark 2.0.0 to 2.0.10 and 2.2.0 to 2.2.4. Malicious users can exploit these vulnerabilities possibly to cause a denial of service. Below is a complete list of vulnerabilities: An LDSS dissector crash can be exploited remotely via packet injection or a malformed capture file possibly to cause a denial of service; An IAX2 infinite loop can be exploited remotely via a malformed capture file or a packet injection possibly to cause a denial of service; A WSP infinite loop can be exploited remotely via a malformed capture file or a packet injection possibly to cause a denial of service; An RTMPT dissector infinite loop can be exploited remotely via a malformed capture file or a packet injection possibly to cause a denial of service; A K12 file parser crash can be exploited remotely via a malformed capture file possibly to cause a denial of service; A NetScaler file parser infinite loop can be exploited remotely via a malformed capture file possibly to cause a denial of service; A NetScaler file parser crash can be exploited remotely via a malformed capture file possibly to cause a denial of service. Technical details Vulnerability (1) was found in epan/dissectors/packet-ldss.c when checking that memory allocation is done for a certain data structure. Vulnerability (2) was found in epan/dissectors/packet-iax2.c when making constraints to packet lateness. Vulnerability (3) was found in epan/dissectors/packet-wsp.c when validating the capability length. Vulnerability (4) was found in epan/dissectors/packet-rtmpt.c when accurately incrementing a certain sequence value. Vulnerability (5) was found in wiretap/k12.c when validating the relationships between offsets and lengths. Vulnerability (6) was found in wiretap/netscaler.c when validating record sizes and changing the file size restrictions. Vulnerability (7) was found in wiretap/netscaler.c when validating the relationship between records and pages.
Beeinträchtigte Produkte	Wireshark 2.0.0 to 2.0.10 Wireshark 2.2.0 to 2.2.4
Lösung	Update to the latest version Download Wireshark
Ursprüngliche Informationshinweise	wnpa-sec-2017-07 wnpa-sec-2017-09 wnpa-sec-2017-10 wnpa-sec-2017-03 wnpa-sec-2017-04 wnpa-sec-2017-05 wnpa-sec-2017-08 wnpa-sec-2017-11
Folgen ?	DoS [?]
CVE-IDS ?	CVE-2017-64725.0Critical CVE-2017-64735.0Critical CVE-2017-64745.0Critical CVE-2017-64675.0Critical CVE-2017-64685.0Critical CVE-2017-64695.0Critical CVE-2017-64707.8Critical CVE-2017-64715.0Critical
	Link zum Original
	Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken

KLA10965Denial of service vulnerabilities in Wireshark

KLA10965
Denial of service vulnerabilities in Wireshark