Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA11094
Multiple vulnerabilities in Wireshark
Updated: 11/15/2018
CVSS
?
 7.8
Detect date
?
 08/29/2017
Severity
?
 Critical
Description

Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause a denial of service.

Below is a complete list of vulnerabilities:

  1. Buffer overflow vulnerability in the IrCOMM dissector can be exploited remotely via a specially designed packet, which is injected onto the wire, or by convincing a user to handle a specially designed packet trace file to cause a denial of service;
  2. An infinite loop in the MSDP dissector can be exploited remotely via a specially designed packet, which is injected onto the wire, or by convincing a user to handle a specially designed packet trace file to cause a denial of service.
Affected products

Wireshark 2.0.x before 2.0.15
Wireshark 2.2.x before 2.2.9
Wireshark 2.4.x before 2.4.1
Solution

Update to the latest version
Download Wireshark
Original advisories

wnpa-sec-2017-38
wnpa-sec-2017-41
Impacts
?
DoS 
[?]
Related products
 Wireshark
CVE-IDS
?

CVE-2017-13765
CVE-2017-13767
© 2018 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy

Up