Description
Multiple different vulnerabilities were found in Wireshark. By exploiting these vulnerabilities malicious users can cause denial of service. These vulnerabilities can be exploited remotely via a specially designed packet or file.
Technical details
WBXML dissector epan/dissectors/packet-wbxml.c mishandles offsets;
Ethernet dissector epan/dissectors/packet-pktap.c mishandles the packet-header data type;
NetScreen file parser wiretap/netscreen.c mishandles sscanf unsigned-integer processing;
CoSine file parser wiretap/cosine.c mishandles sscanf unsigned-integer;
Toshiba file parser wiretap/toshiba.c mishandles sscanf unsigned-integer processing;
USB subsystem mishandles class types;
UMTS FP dissector epan/dissectors/packet-umts_fp.c mishandles the reserved C/T value;
IEEE 802.11 dissector epan/crypt/airpdcap.c mishandles certain length values and lack of an EAPOL_RSN_KEY;
SPOOLS component epan/dissectors/packet-dcerpc-spoolss.c mishandles unexpected offsets;
WBXML dissector epan/dissectors/packet-wbxml.c does not restrict the recursion depth;
MMSE, WAP, WBXML, and WSP dissectors epan/dissectors/packet-wap.c omits an overflow check in the tvb_get_guintvar function;
RLC dissector epan/dissectors/packet-rlc.c contains Off-by-one error;
LDSS dissector epan/dissectors/packet-ldss.c mishandles conversations;
RLC dissector epan/dissectors/packet-rlc.c contains Off-by-one error;
LDSS dissector epan/dissectors/packet-ldss.c mishandles conversations;
RLC dissector epan/dissectors/packet-rlc.c uses an incorrect integer data type;
NDS dissector epan/dissectors/packet-ncp2222.inc does not properly maintain a ptvc data structure;
CORBA IDL dissectors in Wireshark 2.x before 2.0.5 on 64-bit Windows platforms do not properly interact with Visual C++ compiler options;
These vulnerabilities also related to PacketBB, WSP, MMSE dissectors and epan/proto.c;
Original advisories
Exploitation
Public exploits exist for this vulnerability.
Related products
CVE list
- CVE-2016-5359 warning
- CVE-2016-5358 warning
- CVE-2016-5357 warning
- CVE-2016-5356 warning
- CVE-2016-5355 warning
- CVE-2016-5354 warning
- CVE-2016-5353 warning
- CVE-2016-5352 warning
- CVE-2016-5351 warning
- CVE-2016-5350 warning
- CVE-2016-6513 warning
- CVE-2016-6512 warning
- CVE-2016-6511 warning
- CVE-2016-6510 warning
- CVE-2016-6509 warning
- CVE-2016-6508 warning
- CVE-2016-6507 warning
- CVE-2016-6506 warning
- CVE-2016-6505 warning
- CVE-2016-6504 warning
- CVE-2016-6503 warning
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com