In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was     addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the     directory graph on a filesystem. (CVE-2020-13164)

Note that Nessus relies on the presence of the package as reported by the vendor.

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6262-1 advisory.

    It was discovered that Wireshark did not properly handle certain NFS packages when certain configuration     options were enabled. An attacker could possibly use this issue to cause Wireshark to crash, resulting in     a denial of service. (CVE-2020-13164)

    It was discovered that Wireshark did not properly handle certain GVCP packages. An attacker could possibly     use this issue to cause Wireshark to crash, resulting in a denial of service. This issue only affected     Ubuntu 20.04 LTS. (CVE-2020-15466)

    It was discovered that Wireshark did not properly handle certain Kafka packages. An attacker could     possibly use this issue to cause Wireshark to crash, resulting in a denial of service. This issue only     affected Ubuntu 20.04 LTS. (CVE-2020-17498)

    It was discovered that Wireshark did not properly handle certain TCP packages containing an invalid 0xFFFF     checksum. An attacker could possibly use this issue to cause Wireshark to crash, resulting in a denial of     service. (CVE-2020-25862)

    It was discovered that Wireshark did not properly handle certain MIME packages containing invalid parts.
    An attacker could possibly use this issue to cause Wireshark to crash, resulting in a denial of service.
    (CVE-2020-25863)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Several vulnerabilities were fixed in Wireshark, a network sniffer.

CVE-2019-13619

ASN.1 BER and related dissectors crash.

CVE-2019-16319

The Gryphon dissector could go into an infinite loop.

CVE-2019-19553

The CMS dissector could crash.

CVE-2020-7045

The BT ATT dissector could crash.

CVE-2020-9428

The EAP dissector could crash.

CVE-2020-9430

The WiMax DLMAP dissector could crash.

CVE-2020-9431

The LTE RRC dissector could leak memory.

CVE-2020-11647

The BACapp dissector could crash.

CVE-2020-13164

The NFS dissector could crash.

CVE-2020-15466

The GVCP dissector could go into an infinite loop.

CVE-2020-25862

The TCP dissector could crash.

CVE-2020-25863

The MIME Multipart dissector could crash.

CVE-2020-26418

Memory leak in the Kafka protocol dissector.

CVE-2020-26421

Crash in USB HID protocol dissector.

CVE-2020-26575

The Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop.

CVE-2020-28030

The GQUIC dissector could crash.

For Debian 9 stretch, these problems have been fixed in version 2.6.20-0+deb9u1.

We recommend that you upgrade your wireshark packages.

For the detailed security status of wireshark please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/wireshark

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for wireshark fixes the following issues :

  - Wireshark to 3.2.5 :

  - CVE-2020-15466: GVCP dissector infinite loop     (bsc#1173606)

  - CVE-2020-13164: NFS dissector crash (bsc#1171899)

  - CVE-2020-11647: The BACapp dissector could crash     (bsc#1169063)

  - Further features, bug fixes and updated protocol support     as listed in:
    https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.
    html

This update was imported from the SUSE:SLE-15:Update update project.

This update for wireshark fixes the following issues :

Wireshark to 3.2.5 :

  - CVE-2020-15466: GVCP dissector infinite loop     (bsc#1173606)

  - CVE-2020-13164: NFS dissector crash (bsc#1171899)

  - CVE-2020-11647: The BACapp dissector could crash     (bsc#1169063)

Further features, bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.html

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote host is affected by the vulnerability described in GLSA-202007-13 (Wireshark: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Wireshark. Please       review the CVE identifiers referenced below for details.
  Impact :

    Please review the referenced CVE identifiers for details.
  Workaround :

    There is no known workaround at this time.

New version 3.2.4, enabled build with androiddump.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The version of Wireshark installed on the remote Windows host is prior to 3.0.11. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-3.0.11 advisory.

  - It may be possible to make Wireshark crash by     injecting a malformed packet onto the wire or by     convincing someone to read a malformed packet trace     file. (wireshark-bug-16476)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.0.11. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-3.0.11 advisory.

  - It may be possible to make Wireshark crash by     injecting a malformed packet onto the wire or by     convincing someone to read a malformed packet trace     file. (wireshark-bug-16476)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote Windows host is prior to 3.2.4. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-3.2.4 advisory.

  - It may be possible to make Wireshark crash by     injecting a malformed packet onto the wire or by     convincing someone to read a malformed packet trace     file. (wireshark-bug-16476)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.2.4. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-3.2.4 advisory.

  - It may be possible to make Wireshark crash by     injecting a malformed packet onto the wire or by     convincing someone to read a malformed packet trace     file. (wireshark-bug-16476)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote Windows host is prior to 2.6.17. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-2.6.17 advisory.

  - It may be possible to make Wireshark crash by     injecting a malformed packet onto the wire or by     convincing someone to read a malformed packet trace     file. (wireshark-bug-16476)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.6.17. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-2.6.17 advisory.

  - It may be possible to make Wireshark crash by     injecting a malformed packet onto the wire or by     convincing someone to read a malformed packet trace     file. (wireshark-bug-16476)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
223218	Linux Distros Unpatched Vulnerability : CVE-2020-13164	Nessus	Misc.	high
179061	Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : Wireshark vulnerabilities (USN-6262-1)	Nessus	Ubuntu Local Security Checks	high
146291	Debian DLA-2547-1 : wireshark security update	Nessus	Debian Local Security Checks	high
139645	openSUSE Security Update : wireshark (openSUSE-2020-1199)	Nessus	SuSE Local Security Checks	high
139561	openSUSE Security Update : wireshark (openSUSE-2020-1188)	Nessus	SuSE Local Security Checks	high
139405	SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2020:2144-1)	Nessus	SuSE Local Security Checks	high
138936	GLSA-202007-13 : Wireshark: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
137113	Fedora 32 : 1:wireshark (2020-4f5588cf97)	Nessus	Fedora Local Security Checks	high
136989	Fedora 31 : 1:wireshark (2020-ca3d3f15f0)	Nessus	Fedora Local Security Checks	high
136926	Wireshark 3.0.x < 3.0.11 NFS dissector DoS Vulnerability	Nessus	Windows	high
136925	Wireshark 3.0.x < 3.0.11 NFS Dissector Vulnerability (macOS)	Nessus	MacOS X Local Security Checks	high
136924	Wireshark 3.2.x < 3.2.4 NFS Dissector DoS Vulnerability	Nessus	Windows	high
136923	Wireshark 3.2.x < 3.2.4 NFS Dissector DoS Vulnerability (macOS)	Nessus	MacOS X Local Security Checks	high
136922	Wireshark 2.6.x < 2.6.17 NFS dissector DoS Vulnerability	Nessus	Windows	high
136921	Wireshark 2.6.x < 2.6.17 NFS dissector Vulnerability (macOS)	Nessus	MacOS X Local Security Checks	high

Detections

Analytics

CVE-2020-13164

high

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high