PROBLEM:
Wireshark Multiple Bugs Let Remote Users Deny Service
PLATFORM:
Version(s): prior to 1.6.12, 1.8.4
ABSTRACT:
Several vulnerabilities were reported in Wireshark.
REFERENCE LINKS:
Wireshark Security Advisories
Secunia Advisory SA51422
Seclists
SecurityTracker Alert ID: 1027822
CVE-2012-5592
CVE-2012-5593
CVE-2012-5594
CVE-2012-5595
CVE-2012-5596
CVE-2012-5597
CVE-2012-5598
CVE-2012-5599
CVE-2012-5600
CVE-2012-5601
CVE-2012-5602
IMPACT ASSESSMENT:
Medium
DISCUSSION:
Several vulnerabilities were reported in Wireshark. A remote user can cause denial of service conditions. A user can obtain potentially sensitive information.
A remote user can send specially crafted data to cause Wireshark to enter an infinite loop.
The USB dissector is affected [CVE-2012-5593].
The sFlow dissector is affected [CVE-2012-5594].
The SCTP dissector is affected [CVE-2012-5595].
The EIGRP dissector is affected [CVE-2012-5596].
The iSCSI dissector is affected [CVE-2012-5598].
The WTP dissector is affected [CVE-2012-5599].
The RTCP dissector is affected [CVE-2012-5600].
The 3GPP2 A11 dissector is affected [CVE-2012-5601].
The ICMPv6 dissector is affected [CVE-2012-5602].
A remote user can send specially crafted data to cause the ISAKMP dissector to crash [CVE-2012-5597].
A user can obtain potentially sensitive host name resolution information when working with multiple pcap-ng files [CVE-2012-5592].
IMPACT:
A remote user can cause denial of service conditions.
A user can obtain potentially sensitive information.
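
A check of an installed copy against the fixed releases in the PLATFORM line, as an added example that is not part of the original bulletin. It assumes that a release on the 1.6 or 1.8 branch is compared against that branch's fixed release and any other release against 1.8.4; the sample banner is constructed.

```python
import re
import subprocess

# Fixed releases named in the PLATFORM line of this bulletin, keyed by branch.
FIXED = {(1, 6): (1, 6, 12), (1, 8): (1, 8, 4)}
NEWEST_FIXED = max(FIXED.values())

# Constructed sample of a version banner, used when no binary is installed.
SAMPLE_BANNER = "TShark 1.8.3 (constructed sample banner)"


def parse_version(banner):
    """Return (major, minor, micro) from a version banner, or None."""
    m = re.search(r"\b(\d+)\.(\d+)\.(\d+)", banner)
    return tuple(int(x) for x in m.groups()) if m else None


def is_affected(version):
    """True if the version predates the applicable fixed release.

    Assumption: branches with their own fixed release (1.6, 1.8) are
    compared against it; every other branch is compared against 1.8.4.
    """
    fixed = FIXED.get(version[:2], NEWEST_FIXED)
    return version < fixed


def check_installed(cmd=("tshark", "-v")):
    """Run the local binary; return (version, affected) or None."""
    try:
        out = subprocess.run(cmd, capture_output=True, text=True,
                             timeout=10).stdout
    except (OSError, subprocess.TimeoutExpired):
        return None  # binary missing or not responding
    version = parse_version(out)
    return (version, is_affected(version)) if version else None


if __name__ == "__main__":
    result = check_installed()
    if result is None:
        # Fall back to the constructed banner so the logic is still shown.
        v = parse_version(SAMPLE_BANNER)
        result = (v, is_affected(v))
    version, affected = result
    state = "AFFECTED, upgrade" if affected else "not affected"
    print(".".join(map(str, version)), state)
```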