Wireshark 1.10.x < 1.10.12 / 1.12.x < 1.12.3 Multiple DoS Vulnerabilities

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains an application that is affected by
multiple denial of service vulnerabilities.

Description :

The remote Windows host has a version of Wireshark installed that is
1.10.x prior to 1.10.12 or 1.12.x prior to 1.12.3. It is, therefore,
affected by multiple denial of service vulnerabilities in the
following dissectors :

- DEC DNA Routing (CVE-2015-0562)
- LPP (CVE-2015-0561)
- SMTP (CVE-2015-0563)
- WCCP (CVE-2015-0559, CVE-2015-0560)

- A denial of service vulnerability also exists related to
a buffer underflow error in TLS/SSL session decryption.
(CVE-2015-0564)

A remote attacker, using a specially crafted packet or malformed pcap
file, can exploit these to cause the application to crash.

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.

See also :

https://www.wireshark.org/security/wnpa-sec-2015-01.html
https://www.wireshark.org/security/wnpa-sec-2015-02.html
https://www.wireshark.org/security/wnpa-sec-2015-03.html
https://www.wireshark.org/security/wnpa-sec-2015-04.html
https://www.wireshark.org/security/wnpa-sec-2015-05.html
https://www.wireshark.org/docs/relnotes/wireshark-1.10.12.html
https://www.wireshark.org/docs/relnotes/wireshark-1.12.3.html

Solution :

Upgrade to Wireshark version 1.10.12 / 1.12.3 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now