Summary
This host is installed with Wireshark and is prone to multiple denial of service vulnerabilities.
Impact
Successful exploitation will allow remote attackers to denial of service or to consume excessive CPU resources.
Impact Level: Application
Solution
Upgrade to the Wireshark version 1.6.12 or 1.8.4 or later, For updates refer to http://www.wireshark.org/download
Insight
The flaws are due to an errors in USB, RTCP, WTP, iSCSI, ISAKMP and ICMPv6 dissectors, which can be exploited to cause a crash.
Affected
Wireshark 1.6.x before 1.6.12, 1.8.x before 1.8.4 on Windows
References
- http://secunia.com/advisories/51422
- http://www.wireshark.org/security/wnpa-sec-2012-31.html
- http://www.wireshark.org/security/wnpa-sec-2012-35.html
- http://www.wireshark.org/security/wnpa-sec-2012-36.html
- http://www.wireshark.org/security/wnpa-sec-2012-37.html
- http://www.wireshark.org/security/wnpa-sec-2012-38.html
- http://www.wireshark.org/security/wnpa-sec-2012-40.html
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2012-6053, CVE-2012-6058, CVE-2012-6059, CVE-2012-6060, CVE-2012-6061, CVE-2012-6062 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- COWON Media Center JetAudio .wav File Denial Of Service Vulnerability
- Apple Safari WebKit Property Memory Leak Remote DoS Vulnerability
- FreeType Memory Corruption and Buffer Overflow Vulnerabilities (Windows)
- Denial of Service (DoS) in Microsoft SMS Client
- Apache Subversion 'mod_dav_svn' Module Multiple DoS Vulnerabilities