Wireshark Multiple Denial Of Service Vulnerabilities - July 12 (Mac OS X) Network Vulnerability

Summary

This host is installed with Wireshark and is prone to multiple denial of service vulnerabilities.

Impact

Successful exploitation will allow remote attackers to cause a denial of service. Impact Level: Application

Solution

Upgrade to the Wireshark version 1.4.13, 1.6.8 or later, For updates refer to http://www.wireshark.org/download

Insight

- Errors in the ANSI MAP, ASF, BACapp, Bluetooth HCI, IEEE 802.11, IEEE 802.3, LTP, and R3 dissectors can be exploited to cause infinite loops via specially crafted packets. - An error in the DIAMETER dissector does not properly allocate memory and can be exploited to cause a crash via a specially crafted packet.

Affected

Wireshark versions 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on Mac OS X

References

http://secunia.com/advisories/49226/
http://www.wireshark.org/security/wnpa-sec-2012-08.html
http://www.wireshark.org/security/wnpa-sec-2012-09.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7138

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-2392, CVE-2012-2393, CVE-2012-3825, CVE-2012-3826

CVSS	Base Score: 3.3 AV:A/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Samba 'client/mount.cifs.c' Remote Denial of Service Vulnerability
ngIRCd SSL/TLS Support MOTD Request Multiple Denial Of Service Vulnerabilities
TheGreenBow IPSec VPN Client Denial Of Service Vulnerability
Apache 'mod_proxy_ftp' Module Denial Of Service Vulnerability (Linux)
Oracle VM VirtualBox Local Denial of Service Vulnerability-01 Oct2013 (Windows)

Wireshark Multiple Denial of Service Vulnerabilities - July 12 (Mac OS X)

Take action and discover your vulnerabilities