Multiple vulnerabilities in Wireshark

説明

Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service.

Below is a complete list of vulnerabilities:

1. Denial of service vulnerability in RTMPT dissector can be exploited via special crafted packet to cause denial of service.
2. Denial of service vulnerability in Sysdig Event dissector can be exploited via special crafted packet to cause denial of service.
3. Denial of service vulnerability in RFC 7468 file parser can be exploited via special crafted packet to cause denial of service.
4. Denial of service vulnerability in BitTorrent DHT dissector can be exploited via special crafted packet to cause denial of service.

オリジナルアドバイザリー

• RTMPT dissector infinite loop

• BitTorrent DHT dissector infinite loop
• RFC 7468 file parser infinite loop
• Sysdig Event dissector crash

エクスプロイテーション

Public exploits exist for this vulnerability.

関連製品

• Wireshark

CVEリスト

• CVE-2021-4185
  critical
• CVE-2021-4181
  critical
• CVE-2021-4182
  critical
• CVE-2021-4184
  critical

も参照してください

お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com