Detections
Analytics
Wireshark 3.0.x < 3.0.9 Multiple Vulnerabilities
high Nessus Plugin ID 134110
Language:
Synopsis
An application installed on the remote Windows host is affected by multiple vulnerabilities.Description
The version of Wireshark installed on the remote Windows host is prior to 3.0.9. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.0.9 advisory.- The LTE RRC dissector could leak memory. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (wireshark-bug-16341)
- The WiMax DLMAP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (wireshark- bug-16368)
- The EAP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (wireshark-bug-16397)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Wireshark version 3.0.9 or later.See Also
https://www.wireshark.org/docs/relnotes/wireshark-3.0.9.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16341
https://www.wireshark.org/security/wnpa-sec-2020-03
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16368
https://www.wireshark.org/security/wnpa-sec-2020-04
Plugin Details
Severity: High
ID: 134110
File Name: wireshark_3_0_9.nasl
Version: 1.3
Type: local
Agent: windows
Family: Windows
Published: 2/28/2020
Updated: 4/24/2020
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Nessus
Vulnerability Information
CPE: cpe:/a:wireshark:wireshark
Required KB Items: SMB/Registry/Enumerated, installed_sw/Wireshark
Patch Publication Date: 2/26/2020
Vulnerability Publication Date: 2/26/2020
Reference Information
IAVB: 2020-B-0011-S