KLA12354
Multiple vulnerabilities in Wireshark

Обновлено: 25/11/2021
Дата обнаружения
17/11/2021
Уровень угрозы
Warning
Описание

Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service.

Below is a complete list of vulnerabilities:

  1. Denial of service vulnerability in IEEE 802.11 dissector can be exploited via special crafted packet to cause denial of service.
  2. Denial of service vulnerability in Bluetooth DHT dissector can be exploited via special crafted packet to cause denial of service.
  3. Denial of service vulnerability in Modbuss dissector can be exploited via special crafted packet to cause denial of service.
  4. Denial of service vulnerability in C12.22 dissector can be exploited via special crafted packet to cause denial of service.
  5. Denial of service vulnerability in Bluetooth SDP dissector can be exploited via special crafted packet to cause denial of service.
Пораженные продукты

Wireshark 3.4.x earlier than 3.4.10
Wireshark 3.2.x earlier than 3.2.18

Решение

Update to the latest version
Download Wireshark

Первичный источник обнаружения
Bluetooth DHT dissector large loop
Bluetooth DHT dissector crash
Bluetooth SDP dissector crash
IEEE 802.11 dissector crash
C12.22 dissector crash
Modbus dissector crash
Оказываемое влияние
?
DoS 
[?]
Связанные продукты
Wireshark
CVE-IDS
CVE-2021-399280.0Unknown
CVE-2021-399240.0Unknown
CVE-2021-399210.0Unknown
CVE-2021-399220.0Unknown
CVE-2021-399290.0Unknown
CVE-2021-399250.0Unknown
Узнай статистику распространения уязвимостей в твоем регионе