Summary
This host is installed with Wireshark and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to obtain sensitive information, cause denial of service or to consume excessive CPU resources.
Impact Level: Application
Solution
Upgrade to the Wireshark version 1.8.4 or later,
For updates refer to http://www.wireshark.org/download
Insight
The flaws are due to
- Hostname disclosure by reading pcap-ng files.
- The dissect_sflow_245_address_type() in sFlow dissector fails to handle length calculations for an invalid IP address type.
- Errors in 3GPP2 A11, SCTP and EIGRP dissectors, which can be exploited to cause a crash.
Affected
Wireshark versions 1.8.x before 1.8.4 on Windows
References
- http://secunia.com/advisories/51422
- http://www.wireshark.org/security/wnpa-sec-2012-30.html
- http://www.wireshark.org/security/wnpa-sec-2012-32.html
- http://www.wireshark.org/security/wnpa-sec-2012-33.html
- http://www.wireshark.org/security/wnpa-sec-2012-34.html
- http://www.wireshark.org/security/wnpa-sec-2012-39.html
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2012-6052, CVE-2012-6054, CVE-2012-6055, CVE-2012-6056, CVE-2012-6057 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Asterisk CIDR Notation in Access Rule Remote Security Bypass Vulnerability
- Adobe Reader Cross-Site Scripting & Denial of Service Vulnerabilities (Linux)
- Apple Safari Multiple Memory Corruption Vulnerabilities-01 Aug14 (Mac OS X)
- Arora Common Name SSL Certificate Spoofing Vulnerability (Linux)
- Adobe Reader Old Plugin Signature Bypass Vulnerability (Windows)