Summary
This host is installed with Wireshark and is prone to multiple denial of service vulnerabilities.
Impact
Successful exploitation will allow remote attackers to denial of service or to consume excessive CPU resources.
Impact Level: Application
Solution
Upgrade to the Wireshark version 1.6.12 or 1.8.4 or later, For updates refer to http://www.wireshark.org/download
Insight
The flaws are due to an errors in USB, RTCP, WTP, iSCSI, ISAKMP and ICMPv6 dissectors, which can be exploited to cause a crash.
Affected
Wireshark 1.6.x before 1.6.12, 1.8.x before 1.8.4 on Mac OS X
References
- http://secunia.com/advisories/51422
- http://www.wireshark.org/security/wnpa-sec-2012-31.html
- http://www.wireshark.org/security/wnpa-sec-2012-35.html
- http://www.wireshark.org/security/wnpa-sec-2012-36.html
- http://www.wireshark.org/security/wnpa-sec-2012-37.html
- http://www.wireshark.org/security/wnpa-sec-2012-38.html
- http://www.wireshark.org/security/wnpa-sec-2012-40.html
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2012-6053, CVE-2012-6058, CVE-2012-6059, CVE-2012-6060, CVE-2012-6061, CVE-2012-6062 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Asterisk T.38 Negotiation Remote Denial Of Service Vulnerability
- Denial of Service vulnerability in AVG Anti-Virus (Linux)
- ClamAV LZH File Unpacking Denial of Service Vulnerability (Win)
- Apache Subversion 'mod_dav_svn' log REPORT Request DoS Vulnerability
- Asterisk Products Invalid SDP SIP Channel Driver DoS Vulnerability