Summary
This host is installed with Wireshark and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to cause application crash, consume memory or heap-based buffer overflow.
Impact Level: Application
Solution
Upgrade to the Wireshark version 1.8.8 or later,
For updates refer to http://www.wireshark.org/download
Insight
Multiple flaws due to erros in,
- 'epan/dissectors/packet-gmr1_bcch.c' in GMR-1 BCCH dissector - dissect_iphc_crtp_fh() function in 'epan/dissectors/packet-ppp.c' in PPP dissector
- Array index error in NBAP dissector
- 'epan/dissectors/packet-rdp.c' in the RDP dissector - dissect_schedule_message() function in 'epan/dissectors/packet-gsm_cbch.c' in GSM CBCH dissector
- dissect_r3_upstreamcommand_queryconfig() function in 'epan/dissectors/packet-assa_r3.c' in Assa Abloy R3 dissector - vwr_read() function in 'wiretap/vwr.c' in Ixia IxVeriWave file parser
Affected
Wireshark 1.8.x before 1.8.8 on Mac OS X
References
Severity
Classification
-
CVE CVE-2013-4075, CVE-2013-4076, CVE-2013-4077, CVE-2013-4078, CVE-2013-4079, CVE-2013-4080, CVE-2013-4082 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Denial Of Service Vulnerability in OpenSSL June-09 (Linux)
- Apple Safari WebKit Property Memory Leak Remote DoS Vulnerability
- Comodo Internet Security Denial of Service Vulnerability-04
- Apache Tomcat Content-Type Header Denial Of Service Vulnerability
- Apache Traffic Server HTTP Host Header Denial of Service Vulnerability