KLA10955
Denial of service vulnerabilities in Wireshark
Updated: 11/06/2018
CVSS
?
5.0
Detect date
?
01/25/2017
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in Wireshark 2.0.0 to 2.0.9 and 2.2.0 to 2.2.3. Malicious users can exploit these vulnerabilities to possibly cause a denial of service.

Below is a complete list of vulnerabilities:

  1. The DHCPv6 dissector large loop vulnerability can be exploited remotely via a malformed captured file or a packet injection to consume excessive CPU and possibly cause a denial of service;
  2. The ASTERIX dissector infinite loop vulnerability can be exploited remotely via a malformed captured file or a packet injection to consume excessive CPU and possibly cause a denial of service.

Technical details

Vulnerability (1) is related to the file epan/dissectors/packet-dhcpv6.c.

Vulnerability (2) is related to file epan/dissectors/packet-asterix.c.

Affected products

Wireshark 2.0.0 to 2.0.9
Wireshark 2.2.0 to 2.2.3

Solution

Update to the latest versions
Download Wireshark

Original advisories

wnpa-sec-2017-01
wnpa-sec-2017-02

Impacts
?
DoS 
[?]
Related products
Wireshark
CVE-IDS
?

CVE-2017-5597
CVE-2017-5596