KLA12080
DoS vulnerabilities in Wireshark

Updated: 02/16/2021
Detect date
?
10/21/2020
Severity
?
Warning
Description

DoS vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service.

Below is a complete list of vulnerabilities:

  1. DoS vulnerability in the FBZERO protocol dissector can be exploited via special crafted file to cause denial of service.
  2. DoS vulnerability in the GQUIC protocol dissector can be exploited via special crafted file to cause denial of service.
Affected products

Wireshark 3.2.x earlier than 3.2.8
Wireshark 3.4.0 earlier than 3.4.0

Solution

Update to the latest version
Download Wireshark

Original advisories

wnpa-sec-2020-14 · FBZERO dissector crash
wnpa-sec-2020-15 · GQUIC dissector crash

Impacts
?
DoS 
[?]
Related products
Wireshark
CVE-IDS
?
CVE-2020-265755.0Critical
CVE-2020-280305.0Critical
Find out the statistics of the vulnerabilities spreading in your region