Detections
Analytics
Wireshark 2.6.x < 2.6.1 Multiple Vulnerabilities
high Nessus Plugin ID 110269
Language:
Synopsis
An application installed on the remote Windows host is affected by multiple vulnerabilities.Description
The version of Wireshark installed on the remote Windows host is prior to 2.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.6.1 advisory.- In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\0' character. (CVE-2018-11362)
- In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet- ieee1905.c by making a certain correction to string handling. (CVE-2018-11354)
- In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks. (CVE-2018-11355)
- In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.
(CVE-2018-11357)
- In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record.
(CVE-2018-11356)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Wireshark version 2.6.1 or later.See Also
https://gitlab.com/wireshark/wireshark/-/issues/14615
https://gitlab.com/wireshark/wireshark/-/issues/14647
https://gitlab.com/wireshark/wireshark/-/issues/14673
https://gitlab.com/wireshark/wireshark/-/issues/14678
https://gitlab.com/wireshark/wireshark/-/issues/14681
https://gitlab.com/wireshark/wireshark/-/issues/14686
https://gitlab.com/wireshark/wireshark/-/issues/14688
https://gitlab.com/wireshark/wireshark/-/issues/14689
https://gitlab.com/wireshark/wireshark/-/issues/14703
https://www.wireshark.org/docs/relnotes/wireshark-2.6.1.html
https://www.wireshark.org/security/wnpa-sec-2018-25
https://www.wireshark.org/security/wnpa-sec-2018-26
https://www.wireshark.org/security/wnpa-sec-2018-27
https://www.wireshark.org/security/wnpa-sec-2018-28
https://www.wireshark.org/security/wnpa-sec-2018-29
https://www.wireshark.org/security/wnpa-sec-2018-30
https://www.wireshark.org/security/wnpa-sec-2018-31
Plugin Details
Severity: High
ID: 110269
File Name: wireshark_2_6_1.nasl
Version: 1.5
Type: Local
Agent: windows
Family: Windows
Published: 5/31/2018
Updated: 5/1/2026
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS Score Source: CVE-2018-11362
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:wireshark:wireshark
Required KB Items: SMB/Registry/Enumerated, installed_sw/Wireshark
Exploit Ease: No known exploits are available
Patch Publication Date: 5/12/2018
Vulnerability Publication Date: 5/12/2018
Reference Information
CVE: CVE-2018-11354, CVE-2018-11355, CVE-2018-11356, CVE-2018-11357, CVE-2018-11358, CVE-2018-11359, CVE-2018-11360, CVE-2018-11361, CVE-2018-11362
BID: 104308