KLA11255
Multiple vulnerabilities in Wireshark

Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service.

Below is a complete list of vulnerabilities:

1. An unspecified vulnerability in LDSS dissector can be exploited remotely via malformed packet trace file to cause denial of service;
2. An unspecified vulnerability in IEEE 1905.1a dissector can be exploited remotely via malformed packet trace file to cause denial of service;
3. An unspecified vulnerability in RTCP dissector can be exploited remotely via malformed packet trace file to cause denial of service;
4. An unspecified vulnerability in LTP dissector can be exploited remotely via malformed packet trace file to cause denial of service;
5. An unspecified vulnerability in DNS dissector can be exploited remotely via malformed packet trace file to cause denial of service;
6. An unspecified vulnerability in GSM A DTAP dissector can be exploited remotely via malformed packet trace file to cause denial of service;
7. An unspecified vulnerability in Q.931 dissector can be exploited remotely via malformed packet trace file to cause denial of service;
8. An unspecified vulnerability in IEEE 802.11 dissector can be exploited remotely via malformed packet trace file to cause denial of service;
9. An unspecified vulnerability in RRC dissector can be exploited remotely via malformed packet trace file to cause denial of service;

Technical details

Vulnerability (2), (3) and (6) affects only Wireshark 2.6.x

Wireshark earlier than 2.6.1
Wireshark earlier than 2.4.7
Wireshark earlier than 2.2.15

Update to latest verson
Get Wireshark

wnpa-sec-2018-28
wnpa-sec-2018-26
wnpa-sec-2018-30
wnpa-sec-2018-31
wnpa-sec-2018-27
wnpa-sec-2018-25
wnpa-sec-2018-32
wnpa-sec-2018-33
wnpa-sec-2018-29