Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2967 advisory.

  - Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution     via via packet injection or crafted capture file. (CVE-2021-22191)

  - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via     packet injection or crafted capture file (CVE-2021-4181)

  - Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of     service via packet injection or crafted capture file (CVE-2021-4184)

  - Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via     packet injection or crafted capture file (CVE-2021-4185)

  - Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of     service via packet injection or crafted capture file (CVE-2022-0581)

  - Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows     denial of service via packet injection or crafted capture file (CVE-2022-0582)

  - Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of     service via packet injection or crafted capture file (CVE-2022-0583)

  - Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial     of service via packet injection or crafted capture file (CVE-2022-0585)

  - Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of     service via packet injection or crafted capture file (CVE-2022-0586)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote host is affected by the vulnerability described in GLSA-202107-21 (Wireshark: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Wireshark. Please       review the CVE identifiers referenced below for details.
  Impact :

    Please review the referenced CVE identifiers for details.
  Workaround :

    There is no known workaround at this time.

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2125-1 advisory.

  - Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via     packet injection or crafted capture file. (CVE-2020-26418)

  - Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or     crafted capture file. (CVE-2020-26419)

  - Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via     packet injection or crafted capture file. (CVE-2020-26420)

  - Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8     allows denial of service via packet injection or crafted capture file. (CVE-2020-26421)

  - Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet     injection or crafted capture file (CVE-2020-26422)

  - Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection     or crafted capture file (CVE-2021-22173)

  - Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or     crafted capture file (CVE-2021-22174)

  - Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution     via via packet injection or crafted capture file. (CVE-2021-22191)

  - Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows     denial of service via packet injection or crafted capture file (CVE-2021-22207)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2125-1 advisory.

  - Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via     packet injection or crafted capture file. (CVE-2020-26418)

  - Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or     crafted capture file. (CVE-2020-26419)

  - Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via     packet injection or crafted capture file. (CVE-2020-26420)

  - Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8     allows denial of service via packet injection or crafted capture file. (CVE-2020-26421)

  - Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet     injection or crafted capture file (CVE-2020-26422)

  - Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection     or crafted capture file (CVE-2021-22173)

  - Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or     crafted capture file (CVE-2021-22174)

  - Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution     via via packet injection or crafted capture file. (CVE-2021-22191)

  - Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows     denial of service via packet injection or crafted capture file (CVE-2021-22207)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:0909-1 advisory.

  - Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via     packet injection or crafted capture file. (CVE-2020-26418)

  - Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or     crafted capture file. (CVE-2020-26419)

  - Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via     packet injection or crafted capture file. (CVE-2020-26420)

  - Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8     allows denial of service via packet injection or crafted capture file. (CVE-2020-26421)

  - Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet     injection or crafted capture file (CVE-2020-26422)

  - Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection     or crafted capture file (CVE-2021-22173)

  - Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or     crafted capture file (CVE-2021-22174)

  - Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution     via via packet injection or crafted capture file. (CVE-2021-22191)

  - Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows     denial of service via packet injection or crafted capture file (CVE-2021-22207)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.4.4. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.4.4 advisory.

  - Wireshark could open unsafe URLs. It may be possible to make Wireshark crash by injecting a malformed     packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-22191)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote Windows host is prior to 3.4.4. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.4.4 advisory.

  - Wireshark could open unsafe URLs. It may be possible to make Wireshark crash by injecting a malformed     packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-22191)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote Windows host is prior to 3.2.12. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.2.12 advisory.

  - Wireshark could open unsafe URLs. It may be possible to make Wireshark crash by injecting a malformed     packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-22191)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.2.12. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.2.12 advisory.

  - Wireshark could open unsafe URLs. It may be possible to make Wireshark crash by injecting a malformed     packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-22191)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
159397	Debian DLA-2967-1 : wireshark - LTS security update	Nessus	Debian Local Security Checks	critical
157006	GLSA-202107-21 : Wireshark: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
151742	openSUSE 15 Security Update : wireshark (openSUSE-SU-2021:2125-1)	Nessus	SuSE Local Security Checks	high
151105	SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2021:2125-1)	Nessus	SuSE Local Security Checks	high
151066	openSUSE 15 Security Update : wireshark, libvirt, sbc, libqt5-qtmultimedia (openSUSE-SU-2021:0909-1)	Nessus	SuSE Local Security Checks	high
147648	Wireshark 3.4.x < 3.4.4 A Vulnerability (macOS)	Nessus	MacOS X Local Security Checks	high
147647	Wireshark 3.4.x < 3.4.4 A Vulnerability	Nessus	Windows	high
147645	Wireshark 3.2.x < 3.2.12 A Vulnerability	Nessus	Windows	high
147644	Wireshark 3.2.x < 3.2.12 A Vulnerability (macOS)	Nessus	MacOS X Local Security Checks	high

Detections

Analytics

CVE-2021-22191

high

Tenable Plugins

critical

high

high

high

high

high

high

high

high