KLA10649
Denial of service vulnerabilities in Wireshark
Updated: 06/17/2019
Detect date
?
08/11/2015
Severity
?
Warning
Description

An unspecified vulnerabilities were found in Wireshark. By exploiting these vulnerabilities malicious users can cause denial of service. These vulnerabilities can be exploited remotely via a specially designed file or network packet.


Technical details

This vulnerability related to next conditions:

  1. Adding item to protocol tree;
  2. Ptvcursor length checking;
  3. WCCP, OpenFlow, GSM RLC/MAC, ZigBee, WaveAgent dissectors acting;
  4. Attempt to free invalid memory;
  5. Searching protocol dissector.

As result of exploitation there are two kinds DoS: crash or consume excessive CPU resources.

Affected products

Wireshark versions earlier than 1.12.7

Solution

Update to the latest version
Get Wireshark

Original advisories

Wireshark Security Advisories

Impacts
?
DoS 
[?]
Related products
Wireshark
CVE-IDS
?
CVE-2015-62464.3Warning
CVE-2015-62454.3Warning
CVE-2015-62414.3Warning
CVE-2015-62424.3Warning
CVE-2015-62484.3Warning
CVE-2015-62474.3Warning
CVE-2015-62494.3Warning
CVE-2015-62444.3Warning
CVE-2015-62434.3Warning