The version of Wireshark installed on the remote Windows host is prior to 2.4.6. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.4.6 advisory.

  - The MP4 dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet     onto the wire or by convincing someone to read a malformed packet trace file. (wireshark-bug-13777)

  - The ADB dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet     onto the wire or by convincing someone to read a malformed packet trace file. (wireshark-bug-14460)

  - The IEEE 802.15.4 dissector could crash. It may be possible to make Wireshark crash by injecting a     malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (wireshark-     bug-14468)

  - The NBAP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet     onto the wire or by convincing someone to read a malformed packet trace file. (wireshark-bug-14471)

  - The VLAN dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet     onto the wire or by convincing someone to read a malformed packet trace file. (wireshark-bug-14469)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Wireshark 2.4.x < 2.4.6 Multiple Vulnerabilities

medium Nessus Plugin ID 108885

Version 1.9