Searching
..

Click anywhere to stop

KLA12488
Multiple vulnerabilities in Wireshark

Обновлено: 22/01/2024
Дата обнаружения
10/02/2022
Уровень угрозы
Warning
Описание

Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service.

Below is a complete list of vulnerabilities:

  1. Denial of service vulnerability in RTMPT dissector can be exploited via special crafted packet to cause denial of service.
  2. Denial of service vulnerability in CMS dissector can be exploited via special crafted packet to cause denial of service.
  3. Denial of service vulnerability in multiple dissectors can be exploited via special crafted packet to cause denial of service.
  4. Denial of service vulnerability in CSN.1 dissector can be exploited via special crafted packet to cause denial of service.
  5. Denial of service vulnerability in PVFS dissector can be exploited via special crafted packet to cause denial of service.
Пораженные продукты

Wireshark 3.4.x earlier than 3.4.12
Wireshark 3.6.x earlier than 3.6.2

Решение

Update to the latest version
Download Wireshark

Первичный источник обнаружения
RTMPT dissector infinite loop
Large loops in multiple dissectors
PVFS dissector crash
CSN.1 dissector crash
CMS dissector crash
Оказываемое влияние
?
DoS 
[?]
Связанные продукты
Wireshark
CVE-IDS
CVE-2022-05867.8Critical
CVE-2022-05815.0Warning
CVE-2022-05854.3Warning
CVE-2022-05827.5Critical
CVE-2022-05835.0Warning
Узнай статистику распространения уязвимостей в твоем регионе