Detect date
?
|
07/18/2017 |
Severity
?
|
Critical |
Description
|
Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause a denial of service. Below is a complete list of vulnerabilities:
Technical details For vulnerabilities (1) and (2), denial of service is a crash. Vulnerabilities (1) are related to epan/dissectors/packet-mq.c and epan/dissectors/packet-amqp.c. Denial of service, which might become a result of exploiting vulnerabilities (2) and (4), occurs because of consuming excessive CPU resources. In case of vulnerability (3), denial of service can be a crash or a system memory exhaustion. Vulnerabilities (3) is related plugins/docsis/packet-docsis.c. |
Affected products
|
Wireshark 2.0.x before 2.0.14 |
Solution
|
Update to the latest version |
Original advisories
|
wnpa-sec-2017-36 |
Impacts
?
|
DoS [?] |
Related products
|
Wireshark |
CVE-IDS
?
|
CVE-2017-114117.8Critical
CVE-2017-114067.8Critical CVE-2017-114075.0Critical CVE-2017-114085.0Critical CVE-2017-114107.8Critical |