Kaspersky LabKLA11151KLA11151 Denial of service vulnerabilities in Wireshark
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.9 High
AI Score
Confidence
High
0.009 Low
EPSS
Percentile
83.1%
Multiple vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities remotely to cause a denial of service via injecting a malformed packet.
Technical details
This vulnerabilities related to next services:
- NetBIOS dissector;
- IWARP_MPA dissector;
- CIP Safety dissector;
NB: This vulnerability does not have any public CVSS rating, so rating can be changed by the time.
Original advisories
Exploitation
Public exploits exist for this vulnerability.
Related products
CVE list
CVE-2017-17085 warning
CVE-2017-17083 warning
CVE-2017-17084 warning
Solution
Update to the latest version
Impacts
- DoS
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Affected Products
- Wireshark versions from 2.4.0 to 2.4.2 and versions from 2.2.0 to 2.2.10
Related
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.9 High
AI Score
Confidence
High
0.009 Low
EPSS
Percentile
83.1%