Detections
Analytics
Wireshark < 1.2.15 / 1.4.4 Multiple Vulnerabilities
high Nessus Plugin ID 52502
Language:
Synopsis
The remote Windows host contains an application that is affected by multiple vulnerabilities.Description
The installed version of Wireshark is 1.0.x or 1.2.x less than 1.2.15 or 1.4.x less than 1.4.4. Such versions are affected by the following vulnerabilities :- The BER dissector may loop indefinitely. (Bug #1516)
- A crash can occur in the NTLMSSP dissector. (Bug #5157)
- An error exists in the processing of pcap-ng files that causes the application to free an uninitialized pointer. (Bug #5652)
- An error exists in the processing of packets having large length in a pcap-ng file. This can result in application crashes. (Bug #5661)
- A stack overflow vulnerability exists in the LDAP and SMB dissectors. (Bug #5717)
- An error exists in the processing of malformed 6LoWPAN packets. This affects only 32-bit platforms and can result in application crashes. (Bug #5722)
- An error exists in the processing of large LDAP filter strings that cause the application to consume excessive amounts of memory. (Bug #5732)
Solution
Upgrade to Wireshark version 1.2.15 / 1.4.4 or later.See Also
http://anonsvn.wireshark.org/viewvc?view=rev&revision=35953
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5652
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5661
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5717
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5722
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5732
http://www.wireshark.org/security/wnpa-sec-2011-03.html
https://www.wireshark.org/security/wnpa-sec-2011-04.html
https://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html
https://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
Plugin Details
Severity: High
ID: 52502
File Name: wireshark_1_4_4.nasl
Version: 1.17
Type: local
Agent: windows
Family: Windows
Published: 3/2/2011
Updated: 3/9/2023
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 7.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:wireshark:wireshark
Required KB Items: SMB/Wireshark/Installed
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 3/1/2011
Vulnerability Publication Date: 2/3/2011
Reference Information
CVE: CVE-2011-0538, CVE-2011-0713, CVE-2011-1138, CVE-2011-1139, CVE-2011-1140, CVE-2011-1141, CVE-2011-1142, CVE-2011-1143
BID: 46167, 46416, 46626, 46636, 46796, 46945
Secunia: 42767