Detections
Analytics
Wireshark 1.10.x < 1.10.14 / 1.12.x < 1.12.5 Multiple DoS Vulnerabilities
high Nessus Plugin ID 83488
Language:
Synopsis
The remote Windows host contains an application that is affected by multiple denial of service vulnerabilities.Description
The version of Wireshark installed on the remote Windows host is 1.10.x prior to 1.10.14, or 1.12.x prior to 1.12.5. It is, therefore, affected by various denial of service vulnerabilities in the following items :- LBMR dissector (CVE-2015-3808, CVE-2015-3809)
- WebSocket dissector (CVE-2015-3810)
- WCP dissector (CVE-2015-3811)
- X11 dissector (CVE-2015-3812)
- Packet reassembly code (CVE-2015-3813)
- IEEE 802.11 dissector (CVE-2015-3814)
- Android Logcat file parser (CVE-2015-3815, CVE-2015-3906)
A remote attacker can exploit these vulnerabilities to cause Wireshark to crash or consume excessive CPU resources, either by injecting a specially crafted packet onto the wire or by convincing a user to read a malformed packet trace or PCAP file.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Wireshark version 1.10.14 / 1.12.5 or later.See Also
https://www.wireshark.org/security/wnpa-sec-2015-12.html
https://www.wireshark.org/security/wnpa-sec-2015-13.html
https://www.wireshark.org/security/wnpa-sec-2015-14.html
https://www.wireshark.org/security/wnpa-sec-2015-15.html
https://www.wireshark.org/security/wnpa-sec-2015-16.html
https://www.wireshark.org/security/wnpa-sec-2015-17.html
https://www.wireshark.org/security/wnpa-sec-2015-18.html
https://www.wireshark.org/docs/relnotes/wireshark-1.12.5.html
Plugin Details
Severity: High
ID: 83488
File Name: wireshark_1_12_5.nasl
Version: 1.9
Type: local
Agent: windows
Family: Windows
Published: 5/15/2015
Updated: 3/9/2023
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.7
CVSS v2
Risk Factor: High
Base Score: 7.8
Temporal Score: 5.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C
Vulnerability Information
CPE: cpe:/a:wireshark:wireshark
Required KB Items: installed_sw/Wireshark
Exploit Ease: No known exploits are available
Patch Publication Date: 5/12/2015
Vulnerability Publication Date: 1/11/2015
Reference Information
CVE: CVE-2015-3808, CVE-2015-3809, CVE-2015-3810, CVE-2015-3811, CVE-2015-3812, CVE-2015-3813, CVE-2015-3814, CVE-2015-3815, CVE-2015-3906
BID: 74628, 74629, 74630, 74631, 74632, 74633, 74635, 74637, 74837