Summary
This host is installed with Wireshark
and is prone to multiple denial-of-service vulnerabilities.
Impact
Successful exploitation will allow
attackers to conduct multiple denial-of-service attacks.
Impact Level: Application
Solution
Upgrade to Wireshark version 1.10.12,
1.12.3 or later, For updates refer to https://www.wireshark.org
Insight
Multiple flaws are due to,
- An error within the SMTP dissector.
- An error within the DEC DNA Routing Protocol dissector.
- An error within the LPP dissector.
- Two errors within the WCCP dissector.
- An error when decypting TLS/SSL sessions.
Affected
Wireshark 1.10.x before 1.10.12 and
1.12.x before 1.12.3 on Mac OS X
Detection
Get the installed version with the
help of detect NVT and check the version is vulnerable or not.
References
- http://osvdb.org/116808
- http://secunia.com/advisories/62020
- https://www.wireshark.org/security/wnpa-sec-2015-01.html
- https://www.wireshark.org/security/wnpa-sec-2015-02.html
- https://www.wireshark.org/security/wnpa-sec-2015-03.html
- https://www.wireshark.org/security/wnpa-sec-2015-04.html
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2015-0559, CVE-2015-0560, CVE-2015-0561, CVE-2015-0562, CVE-2015-0563, CVE-2015-0564 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities
- F-Secure Policy Manager Server fsmsh.dll module DoS
- FreeRADIUS Tunnel-Password Denial Of Service Vulnerability
- Eggdrop Server Module Message Handling Remote Buffer Overflow Vulnerability
- ClamAV Recursion Level Handling Denial of Service Vulnerability (Windows)