KLA11337
Multiple DoS vulnerabilities in Wireshark
Updated: 05/22/2020
Detect date
?
10/10/2018
Severity
?
High
Description

Multiple serious vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities:

  1. An unspecified vulnerability in the MS-WSP dissector can be exploited remotely via malformed packet trace file to cause denial of service;
  2. An unspecified vulnerability in the Steam IHS Discovery dissector can be exploited remotely via malformed packet trace file to cause denial of service;
  3. An unspecified vulnerability in the CoAP dissector can be exploited remotely via malformed packet trace file to cause denial of service;
  4. An unspecified vulnerability in the OpcUa dissector can be exploited remotely via malformed packet trace file to cause denial of service;
Affected products

Wireshark 2.6.x earlier than 2.6.4
Wireshark 2.4.x earlier than 2.4.10

Solution

Update to the latest version
Get Wireshark

Original advisories

wnpa-sec-2018-47
wnpa-sec-2018-48
wnpa-sec-2018-49
wnpa-sec-2018-50

Impacts
?
DoS 
[?]
Related products
Wireshark
CVE-IDS
?
CVE-2018-182275.0Critical
CVE-2018-182265.0Critical
CVE-2018-182255.0Critical
CVE-2018-120865.0Critical