In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6262-1 advisory.

  - In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was     addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the     directory graph on a filesystem. (CVE-2020-13164)

  - In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in     epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations. (CVE-2020-15466)

  - In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in     epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression. (CVE-2020-17498)

  - In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was     addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.
    (CVE-2020-25862)

  - In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could     crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid     MIME parts. (CVE-2020-25863)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Several vulnerabilities were fixed in Wireshark, a network sniffer.

CVE-2019-13619

ASN.1 BER and related dissectors crash.

CVE-2019-16319

The Gryphon dissector could go into an infinite loop.

CVE-2019-19553

The CMS dissector could crash.

CVE-2020-7045

The BT ATT dissector could crash.

CVE-2020-9428

The EAP dissector could crash.

CVE-2020-9430

The WiMax DLMAP dissector could crash.

CVE-2020-9431

The LTE RRC dissector could leak memory.

CVE-2020-11647

The BACapp dissector could crash.

CVE-2020-13164

The NFS dissector could crash.

CVE-2020-15466

The GVCP dissector could go into an infinite loop.

CVE-2020-25862

The TCP dissector could crash.

CVE-2020-25863

The MIME Multipart dissector could crash.

CVE-2020-26418

Memory leak in the Kafka protocol dissector.

CVE-2020-26421

Crash in USB HID protocol dissector.

CVE-2020-26575

The Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop.

CVE-2020-28030

The GQUIC dissector could crash.

For Debian 9 stretch, these problems have been fixed in version 2.6.20-0+deb9u1.

We recommend that you upgrade your wireshark packages.

For the detailed security status of wireshark please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/wireshark

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for wireshark fixes the following issues :

Update to wireshark 3.2.7 :

  - CVE-2020-25863: MIME Multipart dissector crash     (bsc#1176908)

  - CVE-2020-25862: TCP dissector crash (bsc#1176909)

  - CVE-2020-25866: BLIP dissector crash (bsc#1176910)

  - CVE-2020-17498: Kafka dissector crash (bsc#1175204)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for wireshark fixes the following issues :

  - Update to wireshark 3.2.7 :

  - CVE-2020-25863: MIME Multipart dissector crash     (bsc#1176908)

  - CVE-2020-25862: TCP dissector crash (bsc#1176909)

  - CVE-2020-25866: BLIP dissector crash (bsc#1176910)

  - CVE-2020-17498: Kafka dissector crash (bsc#1175204)

This update was imported from the SUSE:SLE-15:Update update project.

New version 3.2.7 Security fix for CVE-2020-25862, CVE-2020-25863, CVE-2020-25866

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The version of Wireshark installed on the remote Windows host is prior to 2.6.20. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.6.20 advisory.

  - The MIME Multipart dissector could crash. It may be possible to make Wireshark crash by injecting a     malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
    (CVE-2020-25863)

  - The TCP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet     onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25862)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.6.20. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.6.20 advisory.

  - The MIME Multipart dissector could crash. It may be possible to make Wireshark crash by injecting a     malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
    (CVE-2020-25863)

  - The TCP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet     onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25862)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote Windows host is prior to 3.0.14. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.0.14 advisory.

  - The MIME Multipart dissector could crash. It may be possible to make Wireshark crash by injecting a     malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
    (CVE-2020-25863)

  - The TCP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet     onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25862)

  - The BLIP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet     onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25866)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.0.14. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.0.14 advisory.

  - The MIME Multipart dissector could crash. It may be possible to make Wireshark crash by injecting a     malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
    (CVE-2020-25863)

  - The TCP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet     onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25862)

  - The BLIP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet     onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25866)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote Windows host is prior to 3.2.7. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.2.7 advisory.

  - The MIME Multipart dissector could crash. It may be possible to make Wireshark crash by injecting a     malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
    (CVE-2020-25863)

  - The TCP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet     onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25862)

  - The BLIP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet     onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25866)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.2.7. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.2.7 advisory.

  - The MIME Multipart dissector could crash. It may be possible to make Wireshark crash by injecting a     malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
    (CVE-2020-25863)

  - The TCP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet     onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25862)

  - The BLIP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet     onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25866)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
179061	Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : Wireshark vulnerabilities (USN-6262-1)	Nessus	Ubuntu Local Security Checks	high
146291	Debian DLA-2547-1 : wireshark security update	Nessus	Debian Local Security Checks	high
143863	SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2020:3166-1)	Nessus	SuSE Local Security Checks	high
142838	openSUSE Security Update : wireshark (openSUSE-2020-1878)	Nessus	SuSE Local Security Checks	high
142829	openSUSE Security Update : wireshark (openSUSE-2020-1882)	Nessus	SuSE Local Security Checks	high
141869	Fedora 33 : 1:wireshark (2020-9bda6ae1cd)	Nessus	Fedora Local Security Checks	high
141522	Fedora 31 : 1:wireshark (2020-1b390bec14)	Nessus	Fedora Local Security Checks	high
141510	Fedora 32 : 1:wireshark (2020-1bf4b97c16)	Nessus	Fedora Local Security Checks	high
140777	Wireshark 2.6.x < 2.6.20 Multiple Vulnerabilities	Nessus	Windows	high
140776	Wireshark 2.6.x < 2.6.20 Multiple Vulnerabilities (macOS)	Nessus	MacOS X Local Security Checks	high
140775	Wireshark 3.0.x < 3.0.14 Multiple Vulnerabilities	Nessus	Windows	high
140774	Wireshark 3.0.x < 3.0.14 Multiple Vulnerabilities (macOS)	Nessus	MacOS X Local Security Checks	high
140757	Wireshark 3.2.x < 3.2.7 Multiple Vulnerabilities	Nessus	Windows	high
140756	Wireshark 3.2.x < 3.2.7 Multiple Vulnerabilities (macOS)	Nessus	MacOS X Local Security Checks	high

Detections

Analytics

CVE-2020-25863

high

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high

high

high

high