In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem.

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6262-1 advisory.

  - In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was     addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the     directory graph on a filesystem. (CVE-2020-13164)

  - In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in     epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations. (CVE-2020-15466)

  - In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in     epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression. (CVE-2020-17498)

  - In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was     addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.
    (CVE-2020-25862)

  - In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could     crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid     MIME parts. (CVE-2020-25863)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Several vulnerabilities were fixed in Wireshark, a network sniffer.

CVE-2019-13619

ASN.1 BER and related dissectors crash.

CVE-2019-16319

The Gryphon dissector could go into an infinite loop.

CVE-2019-19553

The CMS dissector could crash.

CVE-2020-7045

The BT ATT dissector could crash.

CVE-2020-9428

The EAP dissector could crash.

CVE-2020-9430

The WiMax DLMAP dissector could crash.

CVE-2020-9431

The LTE RRC dissector could leak memory.

CVE-2020-11647

The BACapp dissector could crash.

CVE-2020-13164

The NFS dissector could crash.

CVE-2020-15466

The GVCP dissector could go into an infinite loop.

CVE-2020-25862

The TCP dissector could crash.

CVE-2020-25863

The MIME Multipart dissector could crash.

CVE-2020-26418

Memory leak in the Kafka protocol dissector.

CVE-2020-26421

Crash in USB HID protocol dissector.

CVE-2020-26575

The Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop.

CVE-2020-28030

The GQUIC dissector could crash.

For Debian 9 stretch, these problems have been fixed in version 2.6.20-0+deb9u1.

We recommend that you upgrade your wireshark packages.

For the detailed security status of wireshark please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/wireshark

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for wireshark fixes the following issues :

  - Wireshark to 3.2.5 :

  - CVE-2020-15466: GVCP dissector infinite loop     (bsc#1173606)

  - CVE-2020-13164: NFS dissector crash (bsc#1171899)

  - CVE-2020-11647: The BACapp dissector could crash     (bsc#1169063)

  - Further features, bug fixes and updated protocol support     as listed in:
    https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.
    html

This update was imported from the SUSE:SLE-15:Update update project.

This update for wireshark fixes the following issues :

Wireshark to 3.2.5 :

  - CVE-2020-15466: GVCP dissector infinite loop     (bsc#1173606)

  - CVE-2020-13164: NFS dissector crash (bsc#1171899)

  - CVE-2020-11647: The BACapp dissector could crash     (bsc#1169063)

Further features, bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.html

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote host is affected by the vulnerability described in GLSA-202007-13 (Wireshark: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Wireshark. Please       review the CVE identifiers referenced below for details.
  Impact :

    Please review the referenced CVE identifiers for details.
  Workaround :

    There is no known workaround at this time.

New version 3.2.4, enabled build with androiddump.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The version of Wireshark installed on the remote Windows host is prior to 3.0.11. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-3.0.11 advisory.

  - It may be possible to make Wireshark crash by     injecting a malformed packet onto the wire or by     convincing someone to read a malformed packet trace     file. (wireshark-bug-16476)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.0.11. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-3.0.11 advisory.

  - It may be possible to make Wireshark crash by     injecting a malformed packet onto the wire or by     convincing someone to read a malformed packet trace     file. (wireshark-bug-16476)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote Windows host is prior to 3.2.4. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-3.2.4 advisory.

  - It may be possible to make Wireshark crash by     injecting a malformed packet onto the wire or by     convincing someone to read a malformed packet trace     file. (wireshark-bug-16476)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.2.4. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-3.2.4 advisory.

  - It may be possible to make Wireshark crash by     injecting a malformed packet onto the wire or by     convincing someone to read a malformed packet trace     file. (wireshark-bug-16476)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote Windows host is prior to 2.6.17. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-2.6.17 advisory.

  - It may be possible to make Wireshark crash by     injecting a malformed packet onto the wire or by     convincing someone to read a malformed packet trace     file. (wireshark-bug-16476)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.6.17. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-2.6.17 advisory.

  - It may be possible to make Wireshark crash by     injecting a malformed packet onto the wire or by     convincing someone to read a malformed packet trace     file. (wireshark-bug-16476)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
179061	Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : Wireshark vulnerabilities (USN-6262-1)	Nessus	Ubuntu Local Security Checks	high
146291	Debian DLA-2547-1 : wireshark security update	Nessus	Debian Local Security Checks	high
139645	openSUSE Security Update : wireshark (openSUSE-2020-1199)	Nessus	SuSE Local Security Checks	high
139561	openSUSE Security Update : wireshark (openSUSE-2020-1188)	Nessus	SuSE Local Security Checks	high
139405	SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2020:2144-1)	Nessus	SuSE Local Security Checks	high
138936	GLSA-202007-13 : Wireshark: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
137113	Fedora 32 : 1:wireshark (2020-4f5588cf97)	Nessus	Fedora Local Security Checks	high
136989	Fedora 31 : 1:wireshark (2020-ca3d3f15f0)	Nessus	Fedora Local Security Checks	high
136926	Wireshark 3.0.x < 3.0.11 NFS dissector DoS Vulnerability	Nessus	Windows	high
136925	Wireshark 3.0.x < 3.0.11 NFS Dissector Vulnerability (macOS)	Nessus	MacOS X Local Security Checks	high
136924	Wireshark 3.2.x < 3.2.4 NFS Dissector DoS Vulnerability	Nessus	Windows	high
136923	Wireshark 3.2.x < 3.2.4 NFS Dissector DoS Vulnerability (macOS)	Nessus	MacOS X Local Security Checks	high
136922	Wireshark 2.6.x < 2.6.17 NFS dissector DoS Vulnerability	Nessus	Windows	high
136921	Wireshark 2.6.x < 2.6.17 NFS dissector Vulnerability (macOS)	Nessus	MacOS X Local Security Checks	high

Detections

Analytics

CVE-2020-13164

high

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high

high

high

high