Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA10649
Denial of service vulnerabilities in Wireshark

Updated: 05/22/2020
Detect date
?
 08/11/2015
Severity
?
 Warning
Description

An unspecified vulnerabilities were found in Wireshark. By exploiting these vulnerabilities malicious users can cause denial of service. These vulnerabilities can be exploited remotely via a specially designed file or network packet.

Technical details

This vulnerability related to next conditions:

  1. Adding item to protocol tree;
  2. Ptvcursor length checking;
  3. WCCP, OpenFlow, GSM RLC/MAC, ZigBee, WaveAgent dissectors acting;
  4. Attempt to free invalid memory;
  5. Searching protocol dissector.

As result of exploitation there are two kinds DoS: crash or consume excessive CPU resources.
Affected products

Wireshark versions earlier than 1.12.7
Solution

Update to the latest version
Get Wireshark
Original advisories

Wireshark Security Advisories
Impacts
?
DoS 
[?]
Related products
 Wireshark
CVE-IDS
?
CVE-2015-62464.3Warning
CVE-2015-62454.3Warning
CVE-2015-62414.3Warning
CVE-2015-62424.3Warning
CVE-2015-62484.3Warning
CVE-2015-62474.3Warning
CVE-2015-62494.3Warning
CVE-2015-62444.3Warning
CVE-2015-62434.3Warning
© 2021 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy

Up