Wireshark 'SIP' And 'NTLMSSP' Denial Of Service Vulnerability-01 Dec13 (Mac OS X) Network Vulnerability

Summary

This host is installed with Wireshark and is prone to denial of service vulnerability.

Impact

Successful exploitation will allow attackers to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Impact Level: System/Application

Solution

Upgrade to Wireshark version 1.8.12 or 1.10.4 or later, For updates refer to http://www.wireshark.org/download

Insight

Flaw is due to an error within the SIP dissector (epan/dissectors/packet-sip.c) and NTLMSSP v2 dissector.

Affected

Wireshark version 1.8.x before 1.8.12 and 1.10.x before 1.10.4 on Mac OS X

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://secunia.com/advisories/56097
http://www.osvdb.com/101151
https://www.wireshark.org/security/wnpa-sec-2013-66.html

Updated on 2017-03-28

Severity

Classification

CVE CVE-2013-7112, CVE-2013-7114

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Asterisk RTP Comfort Noise Processing Remote Denial of Service Vulnerability
Adobe Reader Plugin Signature Bypass Vulnerability (Linux)
Adobe Reader Multiple Vulnerabilities - Aug07 (Windows)
Adobe Reader Plugin Signature Bypass Vulnerability (Mac OS X)
Adobe Products Unspecified Cross-Site Scripting Vulnerability June-2011 (Windows)

Wireshark 'SIP' and 'NTLMSSP' Denial of Service Vulnerability-01 Dec13 (Mac OS X)

Take action and discover your vulnerabilities