KLA61756
Multiple vulnerabilities in Wireshark

Updated: 11/02/2023
Detect date: 05/24/2023
Severity: High
Description

Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service.

Below is a complete list of vulnerabilities:

  1. A vulnerability in the NetScaler file parser can be exploited to cause denial of service.
  2. A vulnerability in the XRA dissector can be exploited to cause denial of service.
  3. A vulnerability in the VMS TCPIPtrace file parser can be exploited to cause denial of service.
  4. A vulnerability in the Candump log file parser can be exploited to cause denial of service.
  5. A vulnerability in the RTPS dissector can be exploited to cause denial of service.
  6. A vulnerability in the BLF file parser can be exploited to cause denial of service.
  7. A vulnerability in the GDSDB dissector can be exploited to cause denial of service.
  8. A vulnerability in the IEEE C37.118 Synchrophasor dissector can be exploited to cause denial of service.

Affected products

Wireshark 3.6.x earlier than 3.6.14
Wireshark 4.0.x earlier than 4.0.6

Solution

Update to the latest version
Download Wireshark

Original advisories

Wireshark • wnpa-sec-2023-15 NetScaler file parser crash
Wireshark • wnpa-sec-2023-12 Candump log file parser crash
Wireshark • wnpa-sec-2023-19 IEEE C37.118 Synchrophasor dissector crash
Wireshark • wnpa-sec-2023-20 XRA dissector infinite loop
Wireshark • wnpa-sec-2023-13 BLF file parser crash
Wireshark • wnpa-sec-2023-18 RTPS dissector crash
Wireshark • wnpa-sec-2023-16 VMS TCPIPtrace file parser crash
Wireshark • wnpa-sec-2023-17 BLF file parser crash
Wireshark • wnpa-sec-2023-14 GDSDB dissector infinite loop

Impacts

ACE
DoS

Related products
Wireshark
CVE-IDS

CVE-2023-0666  5.0  Warning
CVE-2023-2857  5.0  Warning
CVE-2023-2855  5.0  Warning
CVE-2023-2879  5.0  Warning
CVE-2023-2952  5.0  Warning
CVE-2023-0668  5.0  Warning
CVE-2023-2854  5.0  Warning
CVE-2023-2856  5.0  Warning
CVE-2023-2858  5.0  Warning