Summary
This host is installed with Wireshark
and is prone to multiple denial-of-service vulnerabilities.
Impact
Successful exploitation will allow
attackers to conduct multiple denial-of-service attacks.
Impact Level: Application
Solution
Upgrade to Wireshark version 1.10.12,
1.12.3 or later, For updates refer to https://www.wireshark.org
Insight
Multiple flaws are due to,
- An error within the SMTP dissector.
- An error within the DEC DNA Routing Protocol dissector.
- An error within the LPP dissector.
- Two errors within the WCCP dissector.
- An error when decypting TLS/SSL sessions.
Affected
Wireshark 1.10.x before 1.10.12 and
1.12.x before 1.12.3 on Windows
Detection
Get the installed version with the
help of detect NVT and check the version is vulnerable or not.
References
- http://osvdb.org/116808
- http://secunia.com/advisories/62020
- https://www.wireshark.org/security/wnpa-sec-2015-01.html
- https://www.wireshark.org/security/wnpa-sec-2015-02.html
- https://www.wireshark.org/security/wnpa-sec-2015-03.html
- https://www.wireshark.org/security/wnpa-sec-2015-04.html
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2015-0559, CVE-2015-0560, CVE-2015-0561, CVE-2015-0562, CVE-2015-0563, CVE-2015-0564 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Adobe Flash Media Server Remote Denial of Service Vulnerability (August-2011)
- ArGoSoft FTP Server XCWD Overflow
- Beckhoff TwinCAT 'TCATSysSrv.exe' Network Packet Denial of Service Vulnerability
- FreeSWITCH 'switch_regex.c' Multiple Buffer Overflow Vulnerabilities
- ClamAV 'cli_pdf()' PDF File Processing Denial Of Service Vulnerability