KLA12409
Multiple vulnerabilities in Wireshark

Обновлено: 30/12/2021
Дата обнаружения
29/12/2021
Уровень угрозы
Warning
Описание

Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service.

Below is a complete list of vulnerabilities:

  1. Denial of service vulnerability in RTMPT dissector can be exploited via special crafted packet to cause denial of service.
  2. Denial of service vulnerability in Sysdig Event dissector can be exploited via special crafted packet to cause denial of service.
  3. Denial of service vulnerability in RFC 7468 file parser can be exploited via special crafted packet to cause denial of service.
  4. Denial of service vulnerability in BitTorrent DHT dissector can be exploited via special crafted packet to cause denial of service.
Пораженные продукты

Wireshark 3.4.x earlier than 3.4.11
Wireshark 3.6.x earlier than 3.6.1

Решение

Update to the latest version
Download Wireshark

Первичный источник обнаружения
RTMPT dissector infinite loop
BitTorrent DHT dissector infinite loop
RFC 7468 file parser infinite loop
Sysdig Event dissector crash
Оказываемое влияние
?
DoS 
[?]
Связанные продукты
Wireshark
Узнай статистику распространения уязвимостей в твоем регионе