Kaspersky Threats

Detect date

?

04/08/2019

Severity

?

Critical

Description

Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service.

Below is a complete list of vulnerabilities:

Denial of service vulnerability in SRVLOC dissector can be exploited remotely via specially designed packet.
Denial of service vulnerability in LDSS dissector can be exploited remotely via specially designed packet.
Denial of service vulnerability in GSS-API dissector can be exploited remotely via specially designed packet.
Denial of service vulnerability in DOF dissector can be exploited remotely via specially designed packet.
Denial of service vulnerability in NetScaler file parser can be exploited remotely via specially designed packet.
Denial of service vulnerability in DCERPC SPOOLSS dissector can be exploited remotely via specially designed packet.

Affected products

Wireshark 3.0.x up to 3.0.1
Wireshark 2.6.x up to 2.6.7
Wireshark 2.4.x up to 2.4.13

Solution

Update to the latest version
Get WIreshark

Original advisories

Impacts

?

DoS

[?]

Detect date ?	04/08/2019
Severity ?	Critical
Description	Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: Denial of service vulnerability in SRVLOC dissector can be exploited remotely via specially designed packet. Denial of service vulnerability in LDSS dissector can be exploited remotely via specially designed packet. Denial of service vulnerability in GSS-API dissector can be exploited remotely via specially designed packet. Denial of service vulnerability in DOF dissector can be exploited remotely via specially designed packet. Denial of service vulnerability in NetScaler file parser can be exploited remotely via specially designed packet. Denial of service vulnerability in DCERPC SPOOLSS dissector can be exploited remotely via specially designed packet.
Affected products	Wireshark 3.0.x up to 3.0.1 Wireshark 2.6.x up to 2.6.7 Wireshark 2.4.x up to 2.4.13
Solution	Update to the latest version Get WIreshark
Original advisories	wnpa-sec-2019-10 wnpa-sec-2019-14 wnpa-sec-2019-17 wnpa-sec-2019-15 wnpa-sec-2019-09 wnpa-sec-2019-18
Impacts ?	DoS [?]
Related products	Wireshark
CVE-IDS ?	CVE-2019-108990.0Unknown CVE-2019-109010.0Unknown CVE-2019-108940.0Unknown CVE-2019-108960.0Unknown CVE-2019-108950.0Unknown CVE-2019-109030.0Unknown

KLA11464Multiple vulnerabilities in Wireshark