Synopsis
An application installed on the remote Windows host is affected by multiple vulnerabilities.
Description
The version of Wireshark installed on the remote Windows host is prior to 3.4.10. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.4.10 advisory.
- The Bluetooth DHT dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
(CVE-2021-39929)
- The Bluetooth HCI_ISO dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
(CVE-2021-39926)
- The Bluetooth SDP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
(CVE-2021-39925)
- The Bluetooth DHT dissector could go into a large loop It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-39924)
- The C12.22 dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-39922)
- The IEEE 802.11 dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-39928)
- The Modbuss dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-39921)
- The IPPUSB dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-39920)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Wireshark version 3.4.10 or later.
Plugin Details
File Name: wireshark_3_4_10.nasl
Agent: windows
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Information
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:wireshark:wireshark
Required KB Items: installed_sw/Wireshark, SMB/Registry/Enumerated
Exploit Ease: Exploits are available
Patch Publication Date: 11/17/2021
Vulnerability Publication Date: 11/17/2021