Multiple DoS vulnerabilities in Wireshark

Description

Multiple serious vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities:

1. An unspecified vulnerability in the MS-WSP dissector can be exploited remotely via malformed packet trace file to cause denial of service;
2. An unspecified vulnerability in the Steam IHS Discovery dissector can be exploited remotely via malformed packet trace file to cause denial of service;
3. An unspecified vulnerability in the CoAP dissector can be exploited remotely via malformed packet trace file to cause denial of service;
4. An unspecified vulnerability in the OpcUa dissector can be exploited remotely via malformed packet trace file to cause denial of service;

Original advisories

• wnpa-sec-2018-47

• wnpa-sec-2018-48
• wnpa-sec-2018-49
• wnpa-sec-2018-50

Exploitation

Public exploits exist for this vulnerability.

Related products

• Wireshark

CVE list

• CVE-2018-18227
  warning
• CVE-2018-18226
  critical
• CVE-2018-18225
  warning
• CVE-2018-12086
  warning

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com