Synopsis
The remote Mac OS X host has an application installed that is affected by multiple denial of service vulnerabilities.
Description
The version of Wireshark installed on the remote Mac OS X host is 1.12.x prior to 1.12.7. It is, therefore, affected by multiple denial of service vulnerabilities:
- An unspecified flaw exists that is triggered when adding an item to the protocol tree. A remote attacker can exploit this, via a specially crafted packet or packet trace file, to cause the application to crash, resulting in a denial of service condition.
- An invalid memory freeing flaw exists in the Memory Manager. A remote attacker can exploit this, via a specially crafted packet or packet trace file, to cause the application to crash, resulting in a denial of service condition.
- An unspecified flaw exists when searching for a protocol dissector. A remote attacker can exploit this, via a specially crafted packet or packet trace file, to cause the application to crash, resulting in a denial of service condition.
- An unspecified flaw exists in the ZigBee dissector. A remote attacker can exploit this, via a specially crafted packet or packet trace file, to cause the application to crash, resulting in a denial of service condition.
- A flaw exists in the GSM RLC/MAC dissector that results in an infinite loop. A remote attacker can exploit this, via a specially crafted packet or packet trace file, to cause the application to crash, resulting in a denial of service condition.
- An unspecified flaw exists in the WaveAgent dissector. A remote attacker can exploit this, via a specially crafted packet or packet trace file, to cause the application to crash, resulting in a denial of service condition.
- A flaw exists in the OpenFlow dissector that results in an infinite loop. A remote attacker can exploit this, via a specially crafted packet or packet trace file, to consume excessive CPU resources, resulting in a denial of service condition.
- A flaw exists due to improper validation of ptvcursor lengths. A remote attacker can exploit this, via a specially crafted packet or packet trace file, to cause the application to crash, resulting in a denial of service condition.
- An unspecified flaw exists in the WCCP dissector. A remote attacker can exploit this, via a specially crafted packet or packet trace file, to cause the application to crash, resulting in a denial of service condition.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Wireshark version 1.12.7 or later.
Plugin Details
File Name: macosx_wireshark_1_12_7.nasl
Agent: macosx
Supported Sensors: Nessus Agent, Nessus
Vulnerability Information
CPE: cpe:/a:wireshark:wireshark
Required KB Items: installed_sw/Wireshark
Patch Publication Date: 8/11/2015
Vulnerability Publication Date: 6/25/2015