Multiple vulnerabilities in Wireshark

Описание

Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service.

Below is a complete list of vulnerabilities:

1. An improper operand validation offsets in the SIGCOMP protocol dissector can be exploited remotely via malformed packet trace file to cause denial of service;
2. Infinite loops in multiple dissectors can be exploited remotely via malformed packet to cause denial of service;
3. An improper certain types of packets handling in the UMTS MAC dissector can be exploited remotely via malformed packet to cause denial of service;
4. An improper certain types of packets handling in the IEEE 802.11 dissector can be exploited remotely via malformed packet to cause denial of service;
5. An improper certain types of packets handling in the FCP protocol dissector can be exploited remotely via malformed packet to cause denial of service;
6. An improper certain types of packets handling in the DOCSIS dissector can be exploited remotely via malformed packet to cause denial of service;
7. An unspecified vulnerability in pcapng file parser can be exploited remotely via malformed packet to cause denial of service;
8. An unspecified vulnerability in the IPMI dissector can be exploited remotely via malformed packet to cause denial of service;
9. An unspecified vulnerability in the SIGCOMP dissector can be exploited remotely via malformed packet to cause denial of service;
10. An unspecified vulnerability in the NBAP dissector can be exploited remotely via malformed packet to cause denial of service;

Первичный источник обнаружения

• WNPA-SEC-2018-13
  WNPA-SEC-2018-11
  WNPA-SEC-2018-09
  WNPA-SEC-2018-08
  WNPA-SEC-2018-06
  WNPA-SEC-2018-12
  WNPA-SEC-2018-10
  WNPA-SEC-2018-14
  WNPA-SEC-2018-05
  WNPA-SEC-2018-07
  

Связанные продукты

• Wireshark

Список CVE

• CVE-2018-7324
  warning
• CVE-2018-7325
  warning
• CVE-2018-7326
  warning
• CVE-2018-7327
  warning
• CVE-2018-7328
  warning
• CVE-2018-7329
  warning
• CVE-2018-7330
  warning
• CVE-2018-7331
  warning
• CVE-2018-7332
  warning
• CVE-2018-7333
  warning
• CVE-2018-7334
  warning
• CVE-2018-7335
  warning
• CVE-2018-7336
  warning
• CVE-2018-7337
  warning
• CVE-2018-7320
  warning
• CVE-2018-7321
  warning
• CVE-2018-7322
  warning
• CVE-2018-7323
  warning

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com