Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český

KLA10905
Multiple denial of service vulnerabilities in Wireshark
Updated: 07/11/2017
CVSS
?
 4.3
Detect date
?
 11/16/2016
Severity
?
 Warning
Description

Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. These vulnerabilities can be exploited remotely via a specially designed files or packets.

Below is a complete list of vulnerabilities

  1. Lack of certain length values size OpenFlow dissector;
  2. Infinite loop at DTN dissector;
  3. An improper handling of signature variable state tracking at AllJoyn dissector;
  4. An improper private strings handling at DCERPC dissector;
  5. Lack of I/O objects restrictions at Profinet I/O dissector.
Affected products

Wireshark 2.2 versions earlier than 2.2.2
Wireshark 2.0 versions earlier than 2.0.8
Solution

Update to the latest version
Wireshark download page
Original advisories

Wireshark foundation security advisories list
Impacts
?
DoS 
[?]
Related products
 Wireshark
CVE-IDS
?

CVE-2016-9372
CVE-2016-9373
CVE-2016-9374
CVE-2016-9375
CVE-2016-9376
© 2018 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy

Up