openSUSE-SU-2013:1481

openSUSE-SU-2013:1483

54812

55022

DSA-2756

oval:org.mitre.oval:def:18958

https://www.wireshark.org/security/wnpa-sec-2013-59.html

The remote Solaris system is missing necessary patches to address security updates :

  - The Bluetooth HCI ACL dissector in Wireshark 1.10.x     before 1.10.2 does not properly maintain a certain free     list, which allows remote attackers to cause a denial of     service (application crash) via a crafted packet that is     not properly handled by the wmem_block_alloc function in     epan/wmem/wmem_allocator_block.c. (CVE-2013-5717)

  - The dissect_nbap_T_dCH_ID function in     epan/dissectors/packet-nbap.c in the NBAP dissector in     Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2     does not restrict the dch_id value, which allows remote     attackers to cause a denial of service (application     crash) via a crafted packet. (CVE-2013-5718)

  - epan/dissectors/packet-assa_r3.c in the ASSA R3     dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x     before 1.10.2 allows remote attackers to cause a denial     of service (infinite loop) via a crafted packet.
    (CVE-2013-5719)

  - Buffer overflow in the RTPS dissector in Wireshark 1.8.x     before 1.8.10 and 1.10.x before 1.10.2 allows remote     attackers to cause a denial of service (application     crash) via a crafted packet. (CVE-2013-5720)

  - The dissect_mq_rr function in     epan/dissectors/packet-mq.c in the MQ dissector in     Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2     does not properly determine when to enter a certain     loop, which allows remote attackers to cause a denial of     service (application crash) via a crafted packet.
    (CVE-2013-5721)

  - Unspecified vulnerability in the LDAP dissector in     Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2     allows remote attackers to cause a denial of service     (application crash) via a crafted packet.
    (CVE-2013-5722)

This wireshark update to 1.8.10 fixes several security and non security bugs. [bnc#839607]

  + vulnerabilities fixed :

  - The NBAP dissector could crash. wnpa-sec-2013-55     CVE-2013-5718

  - The ASSA R3 dissector could go into an infinite loop.
    wnpa-sec-2013-56 CVE-2013-5719

  - The RTPS dissector could overflow a buffer.
    wnpa-sec-2013-57 CVE-2013-5720

  - The MQ dissector could crash. wnpa-sec-2013-58     CVE-2013-5721

  - The LDAP dissector could crash. wnpa-sec-2013-59     CVE-2013-5722

  - The Netmon file parser could crash. wnpa-sec-2013-60

  + Further bug fixes and updated protocol support as listed     in:
    https://www.wireshark.org/docs/relnotes/wireshark-1.8.10     .html

The remote host is affected by the vulnerability described in GLSA-201312-13 (Wireshark: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Wireshark. Please       review the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could possibly execute arbitrary code with the       privileges of the process or cause a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

Multiple vulnerabilities was found and corrected in Wireshark :

The dissect_nbap_T_dCH_ID function in epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not restrict the dch_id value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet (CVE-2013-5718).

epan/dissectors/packet-assa_r3.c in the ASSA R3 dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet (CVE-2013-5719).

Buffer overflow in the RTPS dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet (CVE-2013-5720).

The dissect_mq_rr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which allows remote attackers to cause a denial of service (application crash) via a crafted packet (CVE-2013-5721).

Unspecified vulnerability in the LDAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet (CVE-2013-5722).

This advisory provides the latest supported version of Wireshark (1.8.10) which is not vulnerable to these issues.

Multiple vulnerabilities were discovered in the dissectors for LDAP, RTPS and NBAP and in the Netmon file parser, which could result in denial of service or the execution of arbitrary code.

The installed version of Wireshark 1.10 is earlier than 1.10.2.  It is, therefore, affected by denial of service vulnerabilities in the following dissectors :

  - Bluetooth HCI ACL (Bug #8722)
  - NBAP (Bug #9005)
  - NBAP (Bug #9005)
  - ASSA R3 (Bug #9020)
  - RTPS (Bug #9019)
  - MQ (Bug #9079)
  - LDAP (No bug ID)
  - Netmon file parser (Bug #8742)

The installed version of Wireshark 1.8 is earlier than 1.8.10.  It is, therefore, affected by denial of service vulnerabilities in the following dissectors :

  - NBAP (Bug #9005)
  - ASSA R3 (Bug #9020)
  - RTPS (Bug #9019)
  - MQ (Bug #9079)
  - LDAP (No bug ID)
  - Netmon file parser (Bug #8742)

ID	Name	Product	Family	Severity
80809	Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark7)	Nessus	Solaris Local Security Checks	medium
75145	openSUSE Security Update : wireshark (openSUSE-SU-2013:1481-1)	Nessus	SuSE Local Security Checks	medium
71488	GLSA-201312-13 : Wireshark: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	medium
70004	Mandriva Linux Security Advisory : wireshark (MDVSA-2013:238)	Nessus	Mandriva Local Security Checks	medium
69885	Debian DSA-2756-1 : wireshark - several vulnerabilities	Nessus	Debian Local Security Checks	medium
69881	Wireshark 1.10.x < 1.10.2 Multiple DoS	Nessus	Windows	medium
69880	Wireshark 1.8.x < 1.8.10 Multiple DoS	Nessus	Windows	medium

CVE-2013-5722

medium

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

Vulnerable Software

Configuration 1

Tenable Plugins

medium

medium

medium

medium

medium

medium

medium