Wireshark 1.10.x < 1.10.14 / 1.12.x < 1.12.5 Multiple DoS Vulnerabilities

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains an application that is affected by
multiple denial of service vulnerabilities.

Description :

The version of Wireshark installed on the remote Windows host is
1.10.x prior to 1.10.14, or 1.12.x prior to 1.12.5. It is, therefore,
affected by various denial of service vulnerabilities in the following
items :

- LBMR dissector (CVE-2015-3808, CVE-2015-3809)

- WebSocket dissector (CVE-2015-3810)

- WCP dissector (CVE-2015-3811)

- X11 dissector (CVE-2015-3812)

- Packet reassembly code (CVE-2015-3813)

- IEEE 802.11 dissector (CVE-2015-3814)

- Android Logcat file parser (CVE-2015-3815,
CVE-2015-3906)

A remote attacker can exploit these vulnerabilities to cause Wireshark
to crash or consume excessive CPU resources, either by injecting a
specially crafted packet onto the wire or by convincing a user to read
a malformed packet trace or PCAP file.

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.

See also :

https://www.wireshark.org/security/wnpa-sec-2015-12.html
https://www.wireshark.org/security/wnpa-sec-2015-13.html
https://www.wireshark.org/security/wnpa-sec-2015-14.html
https://www.wireshark.org/security/wnpa-sec-2015-15.html
https://www.wireshark.org/security/wnpa-sec-2015-16.html
https://www.wireshark.org/security/wnpa-sec-2015-17.html
https://www.wireshark.org/security/wnpa-sec-2015-18.html
https://www.wireshark.org/docs/relnotes/wireshark-1.12.5.html

Solution :

Upgrade to Wireshark version 1.10.14 / 1.12.5 or later.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.4
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now