Apr 25, 2016 - 12:00 a.m.

KLA10796 Multiple vulnerabilities in Wireshark

2016-04-25 00:00:00
Kaspersky Lab
threats.kaspersky.com

CVSS2: 4.3 Medium

  • Attack Vector: NETWORK
  • Attack Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3: 5.9 Medium

  • Attack Vector: NETWORK
  • Attack Complexity: HIGH
  • Privileges Required: NONE
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score: 6.5 Medium (Confidence: High)

EPSS: 0.008 Low (Percentile: 81.9%)

Multiple vulnerabilities were found in Wireshark. By exploiting these vulnerabilities, malicious users can cause denial of service. These vulnerabilities can be exploited remotely by injecting a malformed packet.

Technical details

These vulnerabilities can be exploited remotely via vectors related to: a stack-based buffer overflow and improper memory initialisation for search patterns in the NCP dissector; an integer signedness error and improper handling of memory objects in the MS-WSP dissector; use of the wrong variable for indexing an array in the GSM CBCH dissector; use of an incorrect integer data type in the IAX2 dissector; misparsing of timestamp fields and absence of verification of BER identifiers in the PKTC dissector; improper restriction of the element list in the IEEE 802.11 dissector; incorrect special-case handling of truncated Tvb data structures; and improper limitation of protocol-tree depth.

Original advisories

Wireshark Security Advisories

Related products

Wireshark

CVE list

CVE-2016-4085 warning

CVE-2016-4084 warning

CVE-2016-4083 warning

CVE-2016-4082 warning

CVE-2016-4081 warning

CVE-2016-4080 warning

CVE-2016-4079 warning

CVE-2016-4078 warning

CVE-2016-4077 warning

CVE-2016-4076 warning

CVE-2016-4006 warning

Solution

Update to the latest version

Download Wireshark

Impacts

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

  • Wireshark 1.12 versions earlier than 1.12.11
  • Wireshark 2.0 versions earlier than 2.0.3
