Description
Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service.
Below is a complete list of vulnerabilities:
- Denial of service vulnerability in EAP dissector can be exploited to cause denial of service.
- Denial of service vulnerability in BPv6, NCP, and RTPS dissectors can be exploited to cause denial of service.
- Denial of service vulnerability in GNW dissector can be exploited to cause denial of service.
- Denial of service vulnerability in TIPC dissector can be exploited to cause denial of service.
- Information disclosure vulnerability in NFS dissector can be exploited to obtain sensitive information.
- Denial of service vulnerability in iSCSI dissector can be exploited to cause denial of service.
- Denial of service vulnerability in Some dissectors can be exploited to cause denial of service.
Original advisories
- Wireshark • wnpa-sec-2023-04 GNW dissector crash
- Wireshark • wnpa-sec-2023-01 EAP dissector crash
- Wireshark • wnpa-sec-2023-06 Multiple dissector excessive loops
- Wireshark • wnpa-sec-2023-05 iSCSI dissector crash
- Wireshark • wnpa-sec-2023-02 NFS dissector memory leak
- Wireshark • wnpa-sec-2023-07 TIPC dissector crash
Related products
CVE list
- CVE-2023-0411 high
- CVE-2023-0412 high
- CVE-2023-0413 high
- CVE-2023-0414 high
- CVE-2023-0415 high
- CVE-2023-0416 high
- CVE-2023-0417 high
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!