KLA11464
Multiple vulnerabilities in Wireshark

Обновлено: 03/06/2020
Дата обнаружения
08/04/2019
Уровень угрозы
Critical
Описание

Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service.

Below is a complete list of vulnerabilities:

  1. Denial of service vulnerability in SRVLOC dissector can be exploited remotely via specially designed packet.
  2. Denial of service vulnerability in LDSS dissector can be exploited remotely via specially designed packet.
  3. Denial of service vulnerability in GSS-API dissector can be exploited remotely via specially designed packet.
  4. Denial of service vulnerability in DOF dissector can be exploited remotely via specially designed packet.
  5. Denial of service vulnerability in NetScaler file parser can be exploited remotely via specially designed packet.
  6. Denial of service vulnerability in DCERPC SPOOLSS dissector can be exploited remotely via specially designed packet.
Пораженные продукты

Wireshark 3.0.x up to 3.0.1
Wireshark 2.6.x up to 2.6.7
Wireshark 2.4.x up to 2.4.13

Решение

Update to the latest version
Get WIreshark

Первичный источник обнаружения
wnpa-sec-2019-10
wnpa-sec-2019-14
wnpa-sec-2019-17
wnpa-sec-2019-15
wnpa-sec-2019-09
wnpa-sec-2019-18
Оказываемое влияние
?
DoS 
[?]
Связанные продукты
Wireshark
CVE-IDS
CVE-2019-108995.0Critical
CVE-2019-109015.0Critical
CVE-2019-108945.0Critical
CVE-2019-108965.0Critical
CVE-2019-108955.0Critical
CVE-2019-109035.0Critical
Узнай статистику распространения уязвимостей в твоем регионе